Release DateJan 05, 2012 |
Severitymedium |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems |
DescriptionThis indicates a possible exploit of a Remote Code Execution Vulnerability in csLiveSupport.cgi of CGIScript.net csLiveSupport.An attacker may send a specially crafted HTTP request containing link to malicious perl code on setup parameter, which will be run on the affected server within the privilege of web server process. csLiveSupport is a script for providing live web support. |
Affected ProductsCGISCRIPT.NET csLiveSupport 1.0 |
Recommended ActionsApply appropriate patch from the vendor. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2002-1751 |
Reference/shttp://www.securityfocus.com/bid/4450 (BugTraq) |
