| VID |
21221 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The vulnerable CGI script, 'mailit.pl', is installed on the Sambar web server. Sambar Server is a multi-threaded HTTP, FTP and proxy server for Windows environments. This CGI accepts a POST request from any host and sends mail to a supplied address. The mailit script included with some Sambar versions can allow a remote attacker to execute arbitrary commands on the server.
Platforms Affected: Sambar Server 4.1 BETA1 ~ 4.1 BETA5
* Note: Sambar Technologies has modified the script to be accessible only from "localhost". This check item checks whether the mailit.pl CGI script is present and whether only localhost is allowed to use it.
* References: http://www.sambar.com/syshelp/security.htm http://www.iss.net/security_center/static/1671.php |
| Recommendation |
Remove the mailit.pl script from the CGI directory.
-- OR --
Upgrade to the latest version of Sambar (5.2 or later), available from the Sambar Web site: http://www.tucows.com/preview/195629 |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|