Mailinglist Archive: opensuse-security (192 mails)

< Previous Next >
Re: [suse-security] SuSE 6.4| test.cgi
On my suse 6.4 i had only found this one /usr/doc/LDP/cgi-bin/test.cgi

=============

#!/bin/sh

echo Content-type: text/plain
echo

echo CGI/1.0 test script report:
echo

echo argc is $#. argv "$*".
echo

printenv

=============

Some example from Linux Documentation Project ...

[ ]'s Bacano

----- Original Message -----
From: "Grant M***" <gm_@xxxxxxxxx>
To: <suse-security@xxxxxxxx>
Sent: Sunday, May 14, 2000 3:23 AM
Subject: [suse-security] SuSE 6.4| test.cgi


> ok i just got SuSE 6.4 and was looking around when i tried one of those
cgi scanners on my box, low and behold it came up with a the test.cgi
exploit which allows people to basically see whats running on your computer
>
> http://localhost/cgi-bin/test.cgi?*/
>
> now i isntalled everything and have no clue whether it came on default
installation, but this exploit could be wrather dangerous so if you could
appoint me to a patch to fix this problem, i would be very greatful
> -----------------------------------------------
> FREE! The World's Best Email Address @email.com
> Reserve your name now at http://www.email.com
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
>
>


< Previous Next >
References