| VID |
21097 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The /cgi-bin/webfind.exe CGI program is installed in the relevant web server. When you give a long 'keyword' take over, Buffer overflow happens. This CGI has a well known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon (root or nobody). |
| Recommendation |
Upgrade to WebSitePro 2.5 or remove this CGI |
| Related URL |
CVE-2000-0622 (CVE) |
| Related URL |
1487 (SecurityFocus) |
| Related URL |
4962 (ISS) |
|
