Summary
The CWMail.exe exists on this webserver.
Some versions of this file are vulnerable to remote exploit.
An attacker may make use of this file to gain access to confidential data or escalate their privileges on the Web server.
Solution
remove it from the cgi-bin or scripts directory.
Patch information: http://marc.theaimsgroup.com/?l=bugtraq&m=101362100602008&w=2
Severity
Classification
-
CVE CVE-2002-0273 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- 2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
- Apache Rave User Information Disclosure Vulnerability
- Apache Tiles Multiple XSS Vulnerability
- A4Desk Event Calendar 'eventid' Parameter SQL Injection Vulnerability
- Alt-N WebAdmin Remote Source Code Information Disclosure Vulnerability