Release DateMar 09, 2010 |
Severitylow |
ImpactSystem Compromise: Remote attackers can gain sensitive information from vulnerable systems. |
DescriptionThis indicates an attack attempt against a remote information-disclosure vulnerability in the test-cgi program.A vulnerability has been reported in the test-cgi program that may allow an attacker to list files on a vulnerable server. This is possible because the user input filters fail to properly sanitize the URL that is passed to tje test-cgi program. An attacker may gain sensitive information by sending a crafted HTTP request. |
Affected Productstest-cgi |
Recommended ActionsCurrently we are not aware of any officially supplied patch for this issue. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-1999-0070 |
Reference/shttp://insecure.org/sploits/test-cgi.htmlhttp://insecure.org/sploits/test-cgi.server_protocol.html |
