CGI.CSChatRBox.Setup.Remote.Command.Execution

Release Date Jan 05, 2012
Severity high
Impact Compromise of the affected system.
Description This indicates a possible exploit of a Remote Code Execution Vulnerability in csChatRBox.cgi in CGIScript.net csChat-R-Box. An attacker may send a specially crafted HTTP request containing link to malicious perl code on setup parameter which will be run on the affected server within the privilege of web server process. csChat-R-Box is a web chat script.
Affected Products CGISCRIPT.NET csChat-R-Box 1.0
Recommended Actions System Compromise: Remote attackers can gain control of vulnerable systems
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2002-1752
Reference/s http://www.securityfocus.com/bid/4452 (BugTraq)

Fortinet