Code: p990 Severity: Notice
Description: This event is generated when an attempt is made to access guestserver.cgi on an internal web server. This may indicate an attempt to exploit a remote command execution vulnerability in Lars Ellingsen's Guestbook system. Impact: Remote execution of arbitrary code. Corrective: Because Lars Ellingsen's guestbook system does not appear to be currently maintained, you may want to use a different guestbook application. As a workaround, you can change the 1 that appears on the line beneath <-guestbook.mailto_guest-> to 0 in the guestbook.config file.
|
