| VID |
21025 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The '/cgi-bin/cachemgr.cgi' CGI is installed. The cachemgr.cgi script is distributed with the Squid proxy as a tool for managing and viewing statistics about a running cache server. It is not installed into a system's web server CGI directory by default, but on some systems, namely Red Hat Linux, the script can be found in this directory with no access controls in place. A remote attacker can use this script to connect to arbitrary hosts and ports, which could be used to "proxy" port scans through vulnerable systems. |
| Recommendation |
1. Remove the cachemgr.cgi script from your server's CGI-BIN directory.
# /etc/rc.d/init.d/squid stop ; rpm -e squid
# /etc/rc.d/init.d/squid start
2. Patch: For each RPM for your particular architecture, run (where filename is the name of the RPM):
# rpm -Uvh filename |
| Related URL |
CVE-1999-0710 (CVE) |
| Related URL |
2059 (SecurityFocus) |
| Related URL |
2385 (ISS) |