Release DateDec 24, 2011 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems |
DescriptionIt indicates a possible attempt to exploit a Remote Code Execution vulnerability in csGuestbook.cgi of CGIScript.net CSGuestbook.An attacker may send a specially crafted HTTP request containing link to malicious perl code on setup parameter which will be run on the affected server with privilege of web server process. csGuestbook is web guestbook software. |
Affected ProductsCGISCRIPT.NET csGuestbook 1.0 |
Recommended ActionsApply appropriate patch from the vendor. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2002-1750 |
Reference/shttp://www.securityfocus.com/bid/4448 (BugTraq) |
