| VID |
21270 |
| Severity |
20 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The CVSWeb CGI (cvsweb.cgi) is installed. Henner Zeller CVSWeb is used to share programming source code and to browse the content of a CVS repository. Some web sites are misconfigured and allow access to their sensitive source code without any password protection.
This check tries to detect the presence of a CVSWeb CGI and when it finds it, it tries to obtain its version.
* Platforms Affected:
Henner Zeller CVSWeb Any version
UNIX Any version
Linux Any version |
| Recommendation |
If unauthorized access isn't wanted, restrict the access to this CGI using password protection. Or disable it if it is not needed. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
