| VID |
21144 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The "/scripts/tools/mkilog.exe" CGI program is installed. This CGI makes it possible for crackers to view or change the information of SQL DB.
* References:
http://lists.jammed.com/pen-test/2001/07/0187.html |
| Recommendation |
Remove the /scripts/tools/mkilog.exe file in the web server |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
