| VID |
21017 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The 'aglimpse' CGI is installed. The aglimpse CGI script shipped with Glimpse HTTP 2.0 and WebGlimpse versions prior to 1.5 contains a vulnerability that would allow an attacker to remotely execute commands on a web server with the UID of the user running the httpd process. |
| Recommendation |
1. If it is not needed, remove the file from the /cgi-bin directory.
2. Upgrade to WebGlimpse at http://donkey.cs.arizona.edu/security.html.
3. As a temporary fix, log on as root on the vulnerable machine and type:
# /bin/chmod 400 /usr/local/etc/httpd/cgi-bin/aglimpse
Replace the path name with that of your cgi-bin directory.
4. Patches: Insert a / character at the start of the file name passed to the open command in the aglimpse program (around line 72).
The vulnerable line is: open(CONF,"$indexdir/archive.cfg") || &err_conf;
The patched line is: open(CONF,"/$indexdir/archive.cfg") || &err_conf; |
| Related URL |
CVE-1999-0147 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|