Summary
The 'guestbook.cgi' is installed. This CGI has
a well known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon (root or nobody).
Solution
remove it from /cgi-bin.
Severity
Classification
-
CVE CVE-1999-0237 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
- Apache Axis2 Document Type Declaration Processing Security Vulnerability
- 4psa Voipnow Local File Inclusion Vulnerability
- Apache Tomcat AJP Protocol Security Bypass Vulnerability
- Apache Solr XML External Entity(XXE) Vulnerability-02 Jan-14