| VID |
21084 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The 'survey.cgi' cgi is installed.
BNB Survey.cgi is a CGI script that allows for simple web surveys. When operating in a mode to prevent users from voting more than once, which is not the default, the script could allow remote attackers to execute arbitrary commands via shell metacharacters on vulnerable servers.
This script is originated from 'http://www.freecode.com/'. |
| Recommendation |
Remove the survey.cgi file from /directory until you can obtain and install a more recent version. |
| Related URL |
CVE-1999-0936 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
