27 Jul
1999
27 Jul
'99
20:08
I know nothing about CGI-scanner, but the fact 1) there is a script called test, active in the cgi-bin is a security treat, 2) it prints out var listings of the system, their is no reason you should willingfully give any infomartion about your system to possiable crackers. belial wrote:
hi Today i downloaded CGI-scanner and scanned my PC(SuseLinux 6.0).The scanner founds only one bug: Searching for test-cgi : Found!! Can somebody tell me how does this bug work and what would a cracker do to gain access. And how can i fix this bug?
Th@nx
Christian
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com