| VID |
21164 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The "way-board" CGI is installed. Way-BOARD is a Korean message board script for Web sites.
Way-BOARD CGI could allow a remote attacker to view unauthorized files on the Web server. A remote attacker can append %00 to an HTTP request of a known file to cause the contents of the file to be returned and gain access to sensitive information. This vulnerability can only be exploited on systems where Perl is installed. |
| Recommendation |
No remedy available as of June 2014. Remove it from /cgi-bin. |
| Related URL |
CVE-2001-0214 (CVE) |
| Related URL |
2370 (SecurityFocus) |
| Related URL |
6091 (ISS) |
|
