| VID | 21028 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | The "cgiwrap" CGI is installed. There are several problems with the "cgiwrap" program on Cobalt RaQ2 servers. A malicious user can bypass cgiwrap by creating an .htaccess file containing specific parameters to run scripts as user httpd. Consequently, the remote user can execute arbitrary commands with the privileges of the http daemon (root or nobody). Note that not all versions of cgiwrap are affected by this problem; consult your vendor. References: http://www.iss.net/security_center/static/4531.php |
| Recommendation | If it's not needed, remove the imagemap.exe program from the CGI-BIN directory, or upgrade to the latest version. Recent versions can be found at http://www.cobalt.com/support/download/ |
| Related URL | CVE-2000-0431 (CVE) |
| Related URL | 1238 (SecurityFocus) |
| Related URL | (ISS) |