| Field | Value |
|---|---|
| VID | 21059 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | The 'jj' CGI is installed. The jj CGI program is distributed with some older HTTP servers as a demonstration program. On some systems it may be possible to make the jj CGI program execute arbitrary commands by shell-escaping from the /bin/mail program, where that program supports such a feature. The attacker must know the password to gain such access; several default passwords are known, including "HTTPDrocks" and "SDGROCKS". References: http://www.iss.net/security_center/static/1808.php |
| Recommendation | Remove the jj program from your CGI-BIN directory, along with all other non-essential demo programs. |
| Related URL | CVE-1999-0260 (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | (ISS) |