Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> CGI abuses >> webwho plus

Vulnerability Assessment Details

webwho plus
Vulnerability Assessment Summary
Checks if webwho.pl is vulnerable

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote web server contains a CGI script that is prone to arbitrary
code execution.

Description :

The WebWho+ CGI script appears to be installed on the remote host.
This Perl script permits a possible hacker to view any file on the remote host
as well as to execute arbitrary commands, both subject to the rights
of the web server user id.

See also :

http://archives.neohapsis.com/archives/bugtraq/1999-q4/0469.html

Solution :

Remove the affected script.

Network Security Threat Level:

High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)

Networks Security ID: 892

Vulnerability Assessment Copyright: This script is Copyright (C) 2003 Renaud Deraison
Cables, Connectors


MOS 6502 CPU for Commodore VIC 20 Computer & 1541 & 1571 Tested US SELLER picture

MOS 6502 CPU for Commodore VIC 20 Computer & 1541 & 1571 Tested US SELLER

$12.99


Commodore SX-64 W/Rare 1541 Flash Installed READ DESCRIPTION SX64 C-64 picture

Commodore SX-64 W/Rare 1541 Flash Installed READ DESCRIPTION SX64 C-64

$459.00


Commodore 128 Personal Computer C128 with Power Supply Fast Load Cartridge picture

Commodore 128 Personal Computer C128 with Power Supply Fast Load Cartridge

$220.00


Commodore 64 Home Computer picture

Commodore 64 Home Computer

$200.00


Commodore 64 Disk Drive, Includes Cables & Manuals. picture

Commodore 64 Disk Drive, Includes Cables & Manuals.

$60.00


Commodore VIC 20 Computer In Box As Is For Parts or repair picture

Commodore VIC 20 Computer In Box As Is For Parts or repair

$64.00


Commodore VIC 20 power cord (NEW REPLACEMENT POWER CORD AND CONNECTORS) picture

Commodore VIC 20 power cord (NEW REPLACEMENT POWER CORD AND CONNECTORS)

$14.99


Commodore 64 2 in 1 Diagnostic & Dead Test Cartridge Fully Assembled USA seller picture

Commodore 64 2 in 1 Diagnostic & Dead Test Cartridge Fully Assembled USA seller

$19.99


TeensyROM Cartridge for Commodore 64/128: MIDI, Fastload, Emulation, and Network picture

TeensyROM Cartridge for Commodore 64/128: MIDI, Fastload, Emulation, and Network

$65.00


1984 Commodore home Computer Video Color Monitor Model 1702 picture

1984 Commodore home Computer Video Color Monitor Model 1702

$252.00


Discussions

No Discussions have been posted on this vulnerability.