| Field | Value |
|---|---|
| VID | 21099 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | The "websendmail" CGI is installed. The websendmail program allows a remote attacker to execute arbitrary commands on vulnerable systems. Websendmail is a cgi-bin program that comes with the WEBgais package. WEBgais is a collection of CGI gateway programs that incorporate the Global Area Intelligent Search (GAIS) index/query system so that it can be used as a search engine in WWW information servers. Websendmail reads input from a form and sends e-mail to the specified destination. Versions of WEBgais up to v1.0b2 are vulnerable. References: http://www.securityfocus.com/bid/2077, http://xforce.iss.net/xforce/xfdb/296 |
| Recommendation | Remove the 'websendmail' file from the /cgi-bin directory, or change the program's permissions as follows. As root on the vulnerable machine, type: `# /bin/chmod 400 /usr/local/etc/httpd/cgi-bin/websendmail` |
| Related URL | CVE-1999-0196 (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | (ISS) |