Code: p653 Severity: Warning
Description: A web command execution attack involving the use of a "nmap" command Impact: Possible intelligence gathering activity. Corrective: Check the web server software for vulnerabilities and possible upgrades or patches for the system to the latest version of the web software, also investigate the server logs for signs of compromise Webservers should not be allowed to view or execute files and binaries outside of it's designated web root or cgi-bin. Disallowing execution of this binary via a URI is suggested.
|
