Code: p106 Severity: Notice
Description: WEBgais is a Web-based index/query system written in the Perl language. A vulnerability exists in the way the webgais script handles shell metacharacters, which allows a remote attacker to execute commands on the remote machine with the privileges of the Web server, usually nobody. Impact: All versions of the WEBgais package up to 1.0b2 are vulnerable. Corrective: Disable the webgais script and upgrade to the latest version on the package.
|
