Code: p102 Severity: Notice
Description: A problem in the 'files.pl' script distributed with the Novell WebServer Examples Toolkit v2 could allow a remote attacker to view the contents of any file or directory on vulnerable servers. The attacker would be limited to viewing files accessible to the user owning the server process. Impact: Servers running the files.pl script. Corrective: Remove the 'files.pl' script from any production or sensitive servers on your network. It is a good practice to always remove sample scripts from the CGI-BIN directory of your web server before putting it into production.
|
