| VID |
21061 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The '/cgi-bin/MachineInfo' CGI is installed.
The CGI script MachineInfo installed by default on some IRIX systems provides detailed information regarding the machine it is running on. This information includes the type and speed of the processor, memory, and other details on installed hardware. This information could possibly be used by an attacker to make a more direct and precise attack on a machine.
* References:
http://www.cert.org/advisories/CA-1997-12.html
http://www.iss.net/security_center/static/1730.php |
| Recommendation |
Remove the MachineInfo script from the CGI bin directory of your web server. |
| Related URL |
CVE-1999-1067 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
