| VID |
21018 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The 'alibaba.pl' cgi is installed and it's seemed to be running Alibaba web server. This CGI has a well known security flaw that lets anyone execute arbitrary commands on the remote server.
Alibaba is a Windows based web server and it has founded numerous vulnerabilities.
For examples, Simply by requesting |dir%20c:\[dir] after every cgi script, you can see the contents of the directory you specified after |dir%20. CGI Scripts that seem to be able to do this are: get16.exe, get32.exe, post16.exe, get32.exe, tst.bat, tst2.bat, lsin.exe, lsindex2.bat, imapcern.exe, imapncsa.exe and aliredir.exe. |
| Recommendation |
No resolution exists as of June 2014. Remove the sample files including the alibaba.pl from /cgi-bin directory and Upgrade the web server to the latest version not to be vulnerable. |
| Related URL |
CVE-1999-0885 (CVE) |
| Related URL |
770 (SecurityFocus) |
| Related URL |
3454 (ISS) |
|
