| VID |
21052 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The "htmlscript" CGI is installed.
A vulnerability exists in Miva Corporation's htmlscript CGI program that allows remote users to read files on the server. Any file that the user running the server (usually "nobody") can read can be accessed from this CGI-BIN script. Versions previous to 2.9932 contain this vulnerability. |
| Recommendation |
If it's not needed, remove the file from cgi directory, or upgrade to the version 2.9933 or greater. you can find more information in http://www.htmlscript.com/ |
| Related URL |
CVE-1999-0264 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
