| Field | Value |
|---|---|
| VID | 21077 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | Webcom's (www.webcom.se) CGI Guestbook (wguest.exe and rguest.exe) has a number of security problems: any text-based file on an NT machine can be read from the file system, provided the attacker knows the path to the file and the anonymous Internet account (IUSR_MACHINENAME on IIS) has the NTFS read right to that file. On machines such as Windows 95/98, which have no local file security, every file is readable. wguest.exe is used to write to the Guestbook and rguest.exe is used to read from it. For example, a request for http://server/cgi-bin/wguest.exe?template=c:\boot.ini returns the remote web server's boot.ini, and http://server/cgi-bin/rguest.exe?template=c:\winnt\system32\$winnt$.inf returns the $winnt$.inf file. |
| Recommendation | Remove the WebCom Guestbook CGI components from your web server until you can obtain an updated version that corrects these problems. |
| Related URL | CVE-1999-0467 (CVE) |
| Related URL | 2024 (SecurityFocus) |
| Related URL | 2072 (ISS) |
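The weakness described above is an unvalidated `template` parameter that is used directly as a file path. The following is an added example (not code from the original record or from WebCom) showing the two defender-side pieces a practitioner would want: an allowlist validator for the `template` value, which is the fix a corrected guestbook would need, and a small Common Log Format scanner that flags past requests to `wguest.exe` or `rguest.exe` whose `template` value is not a plain file name. The log lines, the `.htm`/`.html` template extension and the CLF layout are constructed assumptions.

```python
"""Validation and log detection for the guestbook 'template' parameter (added example)."""
import re
from typing import Optional
from urllib.parse import parse_qs, unquote, urlsplit

# CGI scripts named in the advisory
GUESTBOOK_SCRIPTS = {"wguest.exe", "rguest.exe"}

# Allowlist: a bare template file name. Absolute paths, drive letters, separators
# and '..' can never match, so "c:\boot.ini" or "../x" are rejected by construction.
# The .htm/.html extension is an assumption about what a guestbook template is.
SAFE_TEMPLATE = re.compile(r"^[A-Za-z0-9_-]{1,64}\.html?$")

# Request field of a Common Log Format line: "GET /path?query HTTP/1.0"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def is_safe_template_name(name: str) -> bool:
    """True only when the (URL-decoded) value is a plain template file name."""
    return SAFE_TEMPLATE.fullmatch(unquote(name)) is not None


def classify_request(log_line: str) -> Optional[dict]:
    """Return a finding for a guestbook request whose template value fails the
    allowlist; None for requests to other scripts or with safe template names."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    script = parts.path.rsplit("/", 1)[-1].lower()
    if script not in GUESTBOOK_SCRIPTS:
        return None
    params = parse_qs(parts.query, keep_blank_values=True)  # decodes %2F etc.
    for value in params.get("template", []):
        if not is_safe_template_name(value):
            return {"script": script, "template": unquote(value), "line": log_line}
    return None


def scan_log(lines) -> list:
    """Run classify_request over an iterable of log lines and collect findings."""
    return [f for f in (classify_request(line) for line in lines) if f]


# Constructed sample log lines (not taken from the original page)
SAMPLE_LOG = [
    r'10.0.0.5 - - [10/Oct/2000:13:55:36 -0700] "GET /cgi-bin/rguest.exe?template=guest.html HTTP/1.0" 200 2048',
    r'10.0.0.9 - - [10/Oct/2000:13:56:01 -0700] "GET /cgi-bin/wguest.exe?template=c:\boot.ini HTTP/1.0" 200 512',
    r'10.0.0.9 - - [10/Oct/2000:13:56:07 -0700] "GET /cgi-bin/rguest.exe?template=..%2F..%2Fwinnt%2Fwin.ini HTTP/1.0" 200 700',
    r'10.0.0.7 - - [10/Oct/2000:13:57:12 -0700] "GET /index.html HTTP/1.0" 200 1200',
]

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(f"{finding['script']} template={finding['template']!r}")
```

The validator is an allowlist rather than a denylist on purpose: stripping `..` or leading drive letters leaves room for encoding and mixed-separator variants, whereas requiring a bare name with a fixed extension leaves nothing for a path to hide in. The scanner decodes percent-encoding before checking, so an encoded traversal in the access log is flagged the same way as a literal one.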