Test ID:	10616
Category:	Web application abuses
Title:	webspirs.cgi
Summary:	The remote web server contains a CGI script that is prone to; information disclosure.;; Description :;; The remote host is running WebSPIRS, SilverPlatter's Information; Retrieval System for the World Wide Web.;; The installed version of WebSPIRS has a well known security flaw that; lets an attacker read arbitrary files with the privileges of the http; daemon (usually root or nobody).
Description:	Summary: The remote web server contains a CGI script that is prone to information disclosure. Description : The remote host is running WebSPIRS, SilverPlatter's Information Retrieval System for the World Wide Web. The installed version of WebSPIRS has a well known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon (usually root or nobody). Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	BugTraq ID: 2362 Common Vulnerability Exposure (CVE) ID: CVE-2001-0211 http://www.securityfocus.com/bid/2362 Bugtraq: 20010212 WebSPIRS CGI script "show files" Vulnerability. (Google Search) http://archives.neohapsis.com/archives/bugtraq/2001-02/0217.html
Copyright	Copyright (C) 2001 Laurent Kitzinger

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.