| VID |
21083 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
There is the "spin_client.cgi" CGI in the arbitrary web-server. This CGI is vulnerable to a Buffer overflow that will allow a remote user to execute arbitrary commands with the privileges of the http server.
* References:
http://cgi.nessus.org/plugins/dump.php3?id=10393 |
| Recommendation |
Remove the spin_client.cgi file from /cgi-bin directory |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
