Code: p638 Severity: Warning
Description: Attempted cc command access via web Impact: Attempt to compile a binary on a host. Corrective: Webservers should not be allowed to view or execute files and binaries outside of it'sdesignated web root or cgi-bin. This command may also be requested ona command line should the attacker gain access to the machine. Wheneverpossible, sensitive files and certain areas of the filesystem shouldhave the system immutable flag set to prevent files from being addedto the host. On BSD derived systems, setting the systems runtimesecurelevel also prevents the securelevel from being changed. (note: thesecurelevel can only be increased).
|
