'cgiwrap' is installed. If you are running an unpatched Cobalt RaQ, the version of cgiwrap distributed with that system has a known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon (root or nobody). This flaw exists only on the Cobalt modified cgiwrap. Standard builds of cgiwrap are not affected.
upgrade your Cobalt RaQ to apply fix