CGIEmail's CGICso (Send CSO via CGI) Command Execution Vulnerability

The remote host seems to be vulnerable to a security problem in CGIEmail (cgicso). The vulnerability is caused by inadequate processing of queries by CGIEmail's cgicso and results in a command execution vulnerability.
The server can be compromised by executing commands as the web server's running user (usually 'nobody').
Modify cgicso.h to contain a strict setting of your finger host. Example: Define the following in cgicso.h: #define CGI_CSO_HARDCODE #define CGI_CSO_FINGERHOST 'localhost'