| VID |
21024 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The 'bnbform.cgi' cgi is installed.
BNBForm is a form processing script by BigNoseBird. BNBForm supports automatically sending response e-mails to people's form submissions. A vulnerability in how this is implemented could allow a remote attacker to mail themselves files off of vulnerable servers.
This script is originated from 'http://www.freecode.com/'. |
| Recommendation |
Remove the bnbform.cgi file from /directory until you can obtain and install a more recent version. |
| Related URL |
CVE-1999-0937 (CVE) |
| Related URL |
2147 (SecurityFocus) |
| Related URL |
3093 (ISS) |
|
