| Field | Value |
|---|---|
| VID | 21522 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | The target Web server appears to hold a backup copy of one of its CGI files. By requesting the CGI name with a special suffix (.old, .bak, .back, ~ or .copy), a remote attacker could read the source code of various CGIs. Backup files are usually named like the original file with an extra string appended. When such a backup file is requested, the Web server may fail to apply the proper ACLs (access control lists) or may fail to execute it as a program, and so returns the program's source code instead. |
| Platforms Affected | Any HTTP server, any version; any operating system, any version |
| Recommendation | Remove all backup files immediately from directories accessible by a Web browser. |
| Related URL | (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | 2370 (ISS) |
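As an added example that is not part of the original entry, the following Python script implements the recommendation from the defender's side: it walks a document root and lists files carrying one of the backup suffixes named above, optionally only those whose original looks like a CGI script. The set of CGI extensions and the constructed sample tree are assumptions for illustration.

```python
import os
import tempfile
from pathlib import Path

# Suffixes named in the advisory: a CGI copied under one of these is served as text.
BACKUP_SUFFIXES = (".old", ".bak", ".back", "~", ".copy")
# Extensions the server is assumed to execute rather than serve as text (assumption).
CGI_EXTENSIONS = {".cgi", ".pl", ".php", ".py", ".sh"}


def backup_base(name: str):
    """Return the original file name if `name` carries a backup suffix, else None."""
    for suffix in BACKUP_SUFFIXES:
        if name.endswith(suffix) and len(name) > len(suffix):
            return name[: -len(suffix)]
    return None


def find_backup_files(doc_root: str, cgi_only: bool = False) -> list[str]:
    """Walk a web-accessible tree and list backup copies, relative to doc_root.

    With cgi_only=True only backups whose original looks like a CGI are reported,
    i.e. the files whose source the advisory says could be disclosed.
    """
    hits = []
    for dirpath, _dirs, files in os.walk(doc_root):
        for fname in files:
            base = backup_base(fname)
            if base is None:
                continue
            if cgi_only and Path(base).suffix.lower() not in CGI_EXTENSIONS:
                continue
            rel = os.path.relpath(os.path.join(dirpath, fname), doc_root)
            hits.append(Path(rel).as_posix())
    return sorted(hits)


def build_sample_tree() -> str:
    """Create a constructed sample document root in a temp dir and return its path."""
    root = tempfile.mkdtemp(prefix="docroot-")
    for rel in ("cgi-bin/login.cgi", "cgi-bin/login.cgi.bak", "cgi-bin/search.pl~",
                "index.html", "index.html.old", "img/logo.png"):
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text("# constructed sample\n")
    return root


if __name__ == "__main__":
    root = build_sample_tree()
    for hit in find_backup_files(root):
        print(hit)  # every backup file a browser could request from this tree
```

Run it against the real document root (and any ScriptAlias directories) and delete or move every reported file outside the served tree.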