| VID |
21220 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
Sambar Server is a multi-threaded HTTP, FTP and proxy server for Windows. Its default installation places two batch files, HELLO.BAT and ECHO.BAT, in the server's /cgi-bin/ directory. Each file contains a single "echo" command, but because a .BAT file is run by the Windows command interpreter, whatever follows the file name in the request URL reaches that interpreter as arguments. A request whose query string contains the "&" command separator therefore makes the interpreter run a second, attacker-chosen command with the privileges of the web server process. Any batch script (*.BAT) exposed through CGI poses the same risk and should be avoided. This vulnerability only affects Sambar Server running on Windows NT or Windows 2000, where the command interpreter (cmd.exe) honours "&" as a command separator.
For example, the following request:
http://target_host/cgi-bin/hello.bat?&dir+c:\
runs "dir c:\" on the server and returns the directory listing of drive C:\ in the response (the "+" decodes to a space and the leading "&" separates the injected command from the batch file's own echo).
* Note: This check item only tests whether the two batch files are present in the CGI directory; it does not attempt to execute a command.
* References: http://www.securityfocus.com/bid/1002 and http://www.iss.net/security_center/static/3999.php |
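A presence check of the kind the note describes, written here as an added example that is not part of this entry or of any scanner product. It assumes the files are reachable at /cgi-bin/hello.bat and /cgi-bin/echo.bat over plain HTTP, sends no query string (so nothing is executed on the target), and uses a constructed in-process stand-in for a Sambar host so that it runs offline:

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit

# The two batch files a default Sambar install drops into /cgi-bin/ (from the advisory).
SAMBAR_BATCH_FILES = ("hello.bat", "echo.bat")


def check_sambar_batch_files(host, port, timeout=5.0):
    """Return the names of the batch files the server serves under /cgi-bin/.

    Mirrors the scanner's check: presence only. Each file is requested with a
    plain GET and no query string, so no command is passed to the interpreter;
    a 200 response means the file exists and is exposed through CGI.
    """
    present = []
    for name in SAMBAR_BATCH_FILES:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        try:
            conn.request("GET", f"/cgi-bin/{name}")
            resp = conn.getresponse()
            resp.read()  # drain the body so the connection closes cleanly
            if resp.status == 200:
                present.append(name)
        finally:
            conn.close()
    return present


class _FakeSambarHandler(BaseHTTPRequestHandler):
    """Constructed stand-in (assumption, not a real Sambar): serves hello.bat, 404s everything else."""

    def do_GET(self):
        path = urlsplit(self.path).path
        if path == "/cgi-bin/hello.bat":
            body = b"Hello\r\n"  # what a one-line 'echo Hello' batch file would return
            self.send_response(200)
            self.send_header("Content-Type", "text/plain")
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
        else:
            self.send_error(404)

    def log_message(self, *args):  # keep the demo quiet
        pass


def start_fake_server():
    """Start the stand-in on a free loopback port and return the server object."""
    srv = HTTPServer(("127.0.0.1", 0), _FakeSambarHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def run_demo():
    """Run the check against the stand-in; only hello.bat is present there."""
    srv = start_fake_server()
    try:
        return check_sambar_batch_files("127.0.0.1", srv.server_address[1])
    finally:
        srv.shutdown()
        srv.server_close()


if __name__ == "__main__":
    print("exposed batch files:", run_demo())
```

Point `check_sambar_batch_files` at a real host and port to run the same presence check there; a non-empty result is the finding this entry reports, and a 200 for either file is enough to act on the recommendation below without sending any "&"-bearing request.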
| Recommendation |
Remove all *.bat (batch) files, including echo.bat and hello.bat, from your server's CGI-BIN directory.
-- OR --
Upgrade to Sambar version 4.2 beta 8 or later, which no longer ships these batch files. |
| Related URL |
CVE-2000-0213 (CVE) |
| Related URL |
http://www.securityfocus.com/bid/1002 (SecurityFocus) |
| Related URL |
http://www.iss.net/security_center/static/3999.php (ISS) |