Possible Common Gateway Interface (CGI) Access

Impact

Many Web servers support dynamic page generation through CGI, related scripting, and remote program execution. Several of these scripts/programs present vulnerabilities to the Web server to include: The table below provides a list of the vulnerabilities which SARA attempts to identify where the columns are:

| Exploit | CVE | Characteristic | Reference |
|---|---|---|---|
| campas | 1999-0146 | Execute commands on Web Server | http://xforce.iss.net/static/298.php |
| handler | 1999-0148 | Execute commands on IRIX Web Server | http://www.securityfocus.com/bid/380 |
| php | 1999-0058 | View files on Web Server | http://www.securityfocus.com/bid/911 |
| info2www | 1999-0266 | Execute commands on Web Server | http://xforce.iss.net/static/1732.php |
| glimpse | 1999-0148 | Access files on IRIX Web Server | http://xforce.iss.net/static/340.php |
| webgais | 1999-0176 | Execute commands on Web Server | http://xforce.iss.net/static/296.php |
| websendmail | 1999-0196 | Execute commands on Web Server | http://xforce.iss.net/static/296.php |
| perl | | Execute commands on Web Server | Remove from Web directories |
| uploader | 1999-0177 | Load/execute files on Website Server | http://xforce.iss.net/static/294.php |
| args.cmd | | Execute commands on Website Server | Delete file |
| win-c-sample | 1999-0178 | Execute commands on Web Server | http://www.securityfocus.com/bid/994 |
| infosrch | 2000-0207 | View files on IRIX Web Server | http://www.securityfocus.com/bid/1031 |
| test-cgi | 1999-0070 | Web Server provides system information | http://xforce.iss.net/static/149.php |
| nph-test | 1999-0045 | Web Server provides system information | http://xforce.iss.net/static/289.php |
| wrap | 1999-0149 | IRIX Server provides system information | http://xforce.iss.net/static/290.php |
| bash | | Direct shell access from Web Server | Remove from Web directories |
| csh | | Direct shell access from Web Server | Remove from Web directories |
| ksh | | Direct shell access from Web Server | Remove from Web directories |
| tcsh | | Direct shell access from Web Server | Remove from Web directories |
| zsh | | Direct shell access from Web Server | Remove from Web directories |
| coldfusion | 2000-0189 | Access files on Web Server | http://www.securityfocus.com/bid/1021 |
| codebrws | | Read files on MS Web Server | http://xforce.iss.net/static/2383.php |
| showcode | | Read files on MS Web Server | http://xforce.iss.net/static/2383.php |
| pirahna | | Execute commands on Linux Server | http://xforce.iss.net/static/4307.php |
| visdev | 2000-0260 | Execute commands on IIS Server | http://xforce.iss.net/static/4333.php |
| answerbook2 | | Execute commands on wdhttpd Server | http://www.securityfocus.com/bid/253 |
| photoalbum | | Execute commands on Web Server | http://www.securityfocus.com/bid/1650 |
| machineinfo | | View IRIX info on Web Server | http://xforce.iss.net/static/1730.php |
| WebLogic | CVE-2000-0682, CVE-2000-0683, CVE-2000-0684, CVE-2000-0685 | Execute files on server; Read files on server | http://www.securityfocus.com/bid/2138, http://www.securityfocus.com/bid/1570, http://www.securityfocus.com/bid/1525, http://www.securityfocus.com/bid/1517 |

Resolution

Resolution of the exploit(s) is provided in the Reference column of the table.
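
For the rows whose reference is a removal instruction rather than a URL (perl, the shells, and args.cmd), a local audit of the Web directories can confirm the fix. The following Python script is an added example, not part of SARA; the .exe suffix handling, the symlink check, and the names classify, audit and demo are assumptions made for illustration.

```python
import os
import tempfile

# Table rows whose listed resolution is removal rather than a vendor reference.
REMOVE = {"perl", "bash", "csh", "ksh", "tcsh", "zsh"}  # "Remove from Web directories"
DELETE = {"args.cmd"}                                    # "Delete file"

def classify(name):
    """Return the table's resolution for a file name, or None if not listed."""
    lower = name.lower()
    if lower in DELETE:
        return "Delete file"
    # Assumption: an interpreter may carry a Windows suffix (perl.exe).
    stem = lower[:-4] if lower.endswith(".exe") else lower
    return "Remove from Web directories" if stem in REMOVE else None

def audit(web_root):
    """Walk web_root and return sorted (relative path, resolution) findings."""
    findings = []
    for dirpath, _dirs, files in os.walk(web_root):
        for name in files:
            path = os.path.join(dirpath, name)
            # A symlink such as cgi-bin/run -> /bin/bash exposes the shell
            # just as a copy would, so check the link target's name as well.
            target = os.path.basename(os.path.realpath(path))
            action = classify(name) or classify(target)
            if action:
                findings.append((os.path.relpath(path, web_root), action))
    return sorted(findings)

def demo():
    """Audit a constructed web root (sample files only, created in a temp dir)."""
    with tempfile.TemporaryDirectory() as tmp:
        shell = os.path.join(tmp, "bin", "bash")  # stand-in for a real shell
        cgi = os.path.join(tmp, "www", "cgi-bin")
        os.makedirs(os.path.dirname(shell))
        os.makedirs(cgi)
        names = ("perl.exe", "args.cmd", "counter.cgi")
        for path in [shell] + [os.path.join(cgi, n) for n in names]:
            open(path, "w").close()
        # Interpreter reachable through an innocuously named symlink.
        os.symlink(shell, os.path.join(cgi, "run"))
        return audit(os.path.join(tmp, "www"))

if __name__ == "__main__":
    for rel, action in demo():
        print(f"{rel}: {action}")
```

To audit a real server, call audit() with the document root or script directory and act on each finding as the table directs.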