| Field | Value |
|---|---|
| VID | 21093 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | The 'view-source' CGI is installed. This CGI script is distributed with some web servers and with the SCO Skunkware CD-ROM. Unfortunately, 'view-source' does not properly check its arguments and lets an attacker read arbitrary files with the privileges of the HTTP daemon (usually root or nobody). It is therefore possible to display any file on systems where view-source is world-executable by sending a request such as `http://www.target.com/cgi-bin/view-source?../../../../../../../etc/passwd`. References: http://www.netspace.org/cgi-bin/wa?A2=ind9702B&L=bugtraq&P=R64 |
| Recommendation | Remove the "view-source" CGI from the /cgi-bin directory. |
| Related URL | CVE-1999-0174 (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | (ISS) |