WEB_CGI formmail arbitrary command execution attempt


Code: p749

Severity: Warning


Description: An attempt to access a script (formmail) in the cgi-bin directory that has known vulnerabilities. FormMail is a freely available Perl script used to send data collected from a web form to specified e-mail addresses.

Impact: An attempt to gain information about the web server's environment variables. It could also be an attempt to execute commands on the web server; such commands would run with the privileges of the user that owns the httpd daemon. The script may also be abused to relay spam or to disclose the contents of files on the host.

Corrective: Web servers should not be allowed to view or execute files and binaries outside of their designated web root or cgi-bin. The web server httpd daemon should run as a non-privileged user without login access to the host. The formmail script should be updated to a non-vulnerable version as soon as possible.
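As an added example (not part of the signature text), the following Python scanner applies this signature's description to web-server access logs: it flags requests for a formmail script under cgi-bin after percent-decoding and normalizing the request path, so encoded or mixed-case variants are not missed. The log lines are constructed samples in Apache combined format; the script names and regex are assumptions, not part of the original page.

```python
import re
from urllib.parse import unquote, urlsplit

# Apache/NCSA combined log format: the request line is the first quoted field.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# What the signature describes: a formmail script (formmail.pl, FormMail.cgi, ...)
# requested from the cgi-bin directory. Matched case-insensitively on the normalized path.
FORMMAIL_RE = re.compile(r'/cgi-bin/.*formmail[^/]*$', re.IGNORECASE)


def normalize_path(target):
    """Strip the query string, percent-decode twice (covers double encoding)
    and collapse repeated slashes so that path variants compare equally."""
    path = urlsplit(target).path
    for _ in range(2):
        path = unquote(path)
    return re.sub(r'/+', '/', path)


def is_formmail_request(line):
    """Return a hit record for a request to a formmail script under cgi-bin, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None  # not a parseable combined-format line
    path = normalize_path(m.group('target'))
    if not FORMMAIL_RE.search(path):
        return None
    return {'ip': m.group('ip'), 'ts': m.group('ts'), 'method': m.group('method'),
            'path': path, 'status': int(m.group('status'))}


def scan(lines):
    """Run the check over an iterable of log lines and collect the hits."""
    return [hit for hit in (is_formmail_request(l) for l in lines) if hit]


SAMPLE_LOG = [  # constructed sample lines, not real traffic
    '192.0.2.10 - - [10/Oct/2000:13:55:36 -0700] "GET /cgi-bin/formmail.pl HTTP/1.0" 200 2326',
    '192.0.2.11 - - [10/Oct/2000:13:55:40 -0700] "POST /cgi-bin/FormMail.cgi HTTP/1.0" 200 512',
    '192.0.2.12 - - [10/Oct/2000:13:55:41 -0700] "GET /cgi-bin/%66ormmail.pl?x=1 HTTP/1.0" 404 210',
    '192.0.2.13 - - [10/Oct/2000:13:55:42 -0700] "GET /index.html HTTP/1.0" 200 1043',
    '192.0.2.14 - - [10/Oct/2000:13:55:43 -0700] "GET /docs/formmail-readme.html HTTP/1.0" 200 800',
]

if __name__ == '__main__':
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A 404 status on a flagged line still indicates a probe for the script and is worth alerting on; a 200 tells you the script is actually present and should be checked against the corrective action above.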