CGI security vulnerability Data Quick Check v1.0 (turn three)

Source: Internet
Author: User
Tags anonymous ftp iis ini query cpu usage access root directory
cgi| Security | Security Vulnerabilities 51
Type: Attack type
Name: Search97.vts
Risk Rating: Medium
Description: This file will enable the intruder to read any files that the httpd user can read in your system.
Recommendation: Delete or remove Search97.vts from your web directory
WORKAROUND: Delete or remove the Search97.vts in your web directory, or go to the following address to download patch
https://customers.verity.com/products/server/310/patches/


_____________________________________________________________________________

52
Type: Attack type
Name: Carbo.dll
Risk Rating: Low
Description: If you install systems running ICAT Suite version 3.0, it will automatically add a file called Carbo.dll on your system, and the intruder will be able to access the files on your system with this file
Recommendation: Delete or remove openfile.cfm from your web directory
WORKAROUND: Delete or remove openfile.cfm in your web directory


__________________________________________________________________________

53
Type: Attack type
Name: whois_raw.cgi
Risk Rating: Low
Description: Because of the whois_raw.cgi author's error, this CGI will enable intruders to execute arbitrary programs on your system with the privileges of the user who initiates httpd on your system
Recommendation: Delete or remove whois_raw.cgi from your web directory
WORKAROUND: Delete or remove whois_raw.cgi in your web directory


_______________________________________________________________________________

54
Type: Attack type
Name: Doc
Risk Rating: Low
Description: Your Web directory can file lists, which will help intruders analyze your system Information
Recommendation: Set all your web directories as not a list of files
WORKAROUND: Set all your web directories to a list of files that cannot be used


_______________________________________________________________________________

55
Type: Attack type
Name:. Html/............./config.sys
Risk Rating: Low
Description: If you are using a longer version of ICQ, the intruder can use it to read all the files on your machine
Recommendation: Download the new version of ICQ
WORKAROUND: Please go to the following address to download the new version of ICQ
http://www.icq.com/download/


______________________________________________________________________

56
Type: Attack type
Name: .../
Risk Rating: Medium
Description: The webserver software you use enables intruders to read all files on your system
Recommendation: Replace or upgrade your webserver software
WORKAROUND: Replace or upgrade your webserver software


_________________________________________________________________________


58
Type: Attack type
Name: no-such-file.pl
Risk Rating: Low
Description: The flaw in your webserver software allows intruders to analyze the directory structure of your site using a non-existent CGI script request
Recommendation: Upgrade your webserver software
Workaround: Upgrade your webserver software


________________________________________________________________________________

59
Type: Attack type
Name: _vti_bin/shtml.dll
Risk Rating: Low
Description: Intruders using this file will enable your system to use up to 100% CPU usage
Recommendation: Delete or remove _vti_bin/shtml.dll from your web directory
WORKAROUND: Delete or remove _vti_bin/shtml.dll from your web directory

______________________________________________________________________

60
Type: Information type
Name: Nph-publish
Risk Rating: Medium
Description: There are nph-publish files in the/cgi-bin directory, which allows intruders to browse any file on the server via www
Recommendation: It is recommended to review the/cgi-bin directory and remove unnecessary CGI programs
Workaround: Delete the Nph-publish file


______________________________________________________________________


61
Type: Information type
Name: showcode.asp
Risk Rating: Medium
Description: In/msadc/samples/selector/showcode.asp?source=/msadc/samples/selector/ showcode.asp files exist in the directory can be exploited by intruders to view the contents of files on the server
Recommendation: It is best to prohibit anonymous access to this web directory and recommend that you delete this web directory/MSADC
Workaround: Delete the showcode.asp file

_________________________________________________________________________

62
Type: Information type
Name: _vti_inf.html
Risk Rating: Medium
Description: There is a _vti_inf.html file in the Web root that is a feature of the FrontPage Extention Server that contains important information about a series of FrontPage extention servers; and FrontPage Extention Server is a Web service with a lot of vulnerabilities, with which intruders may modify the first file directly
Recommendation: FTP and other ways to upload Web page files
Workaround: Uninstall FrontPage extention Server
________________________________________________________________________________

63
Type: Information type
Name: index.asp:: $DATA
Risk Rating: Medium
Description: ASP program source code can be suffix +:: $DATA method to see, so that intruders can find the server database password and other important information

Recommendation: Note Microsoft's latest patch and security bulletin on CodeView
Workaround: Install services pack6 or patch:
ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/chs/security/fesrc-fix/
Related connection: ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/chs/security/fesrc-fix/


___________________________________________________________________________________

64
Type: Attack type
Name: main.asp%81
Risk Rating: Low
Description: The source code of the ASP program can be looked up by the suffix +%81 method, so the intruder can find the important information such as the server database password.

Recommendation: Note Microsoft's latest patch and security bulletin on CodeView
Workaround: Install services pack6 or patch:
ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/chs/security/fesrc-fix/
Related connection: ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/chs/security/fesrc-fix/

____________________________________________________________________________________
65
Type: Information type
Name: showcode.asp_2
Risk Rating: Medium
Description: There are showcode.asp files in the/msadc/samples/selector/directory, with the following path:
Http://www.xxx.com/msadc/Samples/SELECTOR/showcode.asp?source=/msadc/Samples/../../../../../boot.ini
The contents of the Boot.ini file can be found; in fact, intruders can use this ASP to view all the files on your system that start httpd users have permission to read

Recommendation: Disable anonymous access to the/MSADC directory
WORKAROUND: Delete or remove showcode.asp in your web directory
Please go to the following address to search for patches
Internet Information Server:
ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/usa/Viewcode-fix/
Site Server:
ftp://ftp.microsoft.com/bussys/sitesrv/sitesrv-public/fixes/usa/siteserver3/hotfixes-postsp2/Viewcode-fix/
Http://www.microsoft.com/security/products/iis/checklist.asp
Related connection: ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/usa/Viewcode-fix/


_____________________________________________________________________________________

66
Type: Attack type
Name: Ism.dll
Risk Rating: High
Description: There is a Ism.dll file in the/scripts/iisadmin/directory, which has an overflow error that allows intruders to execute arbitrary programs on the server; The attacker may also be able to cause the server's WWW service to die at any time
Recommendation: Disable anonymous access to the/scripts directory
Workaround: Delete/scripts/iisadmin/ism.dll, or open the Admin console for IIS, select the Default Web site, right-click, select Properties, point: Home directory, and at the starting point, click the Configure button to delete the application map entry for ". htr".



___________________________________________________________________________________________


67
Type: Information type
Name: codebrws.asp_2
Risk Rating: Medium
Description: There are codebrws.asp files under/iissamples/sdk/asp/docs/, using the following path:
Http://www.xxx.com/iissamples/exair/howitworks/codebrws.asp?source=/index.asp will be able to view the source code of the index.asp. Virtually any ASCII file can be browsed.

Recommendation: Delete a web directory called/iissamples/
WORKAROUND: Delete or remove codebrws.asp in your web directory
Please go to the following address to search for patches
Internet Information Server:
ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/usa/Viewcode-fix/
Site Server:
ftp://ftp.microsoft.com/bussys/sitesrv/sitesrv-public/fixes/usa/siteserver3/hotfixes-postsp2/Viewcode-fix/
Http://www.microsoft.com/security/products/iis/checklist.asp
Related connection: ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/usa/Viewcode-fix/

______________________________________________________________________________________


68
Type: Attack type
Name: uploadn.asp
Risk Rating: High
Description: In the/scripts/tools directory exists uploadn.asp program, as long as the intruder has an available account, even if the guest account, you can upload any file to your web directory, in addition to replacing the home page, he can further control your entire system!
Recommendation: Delete a web directory named/scripts
Workaround: Delete the uploadn.asp file
Related connections:


____________________________________________________________________________________

69
Type: Attack type
Name: uploadx.asp
Risk Rating: High
Description: In the/scripts/tools directory exists uploadx.asp program, as long as the intruder has an available account, even if the guest account, you can upload any file to your web directory, in addition to replacing the home page, he can further control your entire system!
Recommendation: Delete a web directory named/scripts
Workaround: Delete the uploadx.asp file
Related connections:

______________________________________________________________________________________

70
Type: Attack type
Name: query.asp
Risk Rating: Low
Description: There is a query.asp file in the/iissamples/exair/search/directory, this file has a vulnerability if exploited by an attacker, the result will be CPU utilization up to 100%, machine speed will be significantly slower
Recommendation: Prohibit access to the/iissamples directory
Workaround: Delete the query.asp file

_______________________________________________________________________________

71
Type: Attack type
Name: advsearch.asp
Risk Rating: Low
Description: There is a query.asp file in the/iissamples/exair/search/directory, this file has a vulnerability if exploited by an attacker, the result will be CPU utilization up to 100%, machine speed will be significantly slower
Recommendation: Prohibit access to the/iissamples directory
Workaround: Delete the advsearch.asp file


_______________________________________________________________________________

72
Type: Attack type
Name: search.asp
Risk Rating: Low
Description: There is a search.asp file in the/iissamples/exair/search/directory, this file has a vulnerability if exploited by an attacker, the result will be CPU utilization up to 100%, machine speed will be significantly slower
Recommendation: Prohibit access to the/iissamples directory
Workaround: Delete the Search.asp file

_________________________________________________________________________________

74
Type: Attack type
Name: Getdrvrs.exe
Risk Rating: Medium
Description: This Getdrvrs.exe file, which exists in the/scripts/tools directory, allows any user to create any file under the Web root and create an ODBC data source
Recommendation: Disable anonymous access to the/scripts/tools directory
Workaround: Delete the Getdrvrs.exe file


_______________________________________________________________________________

73
Type: Attack type
Name: Newdsn.exe
Risk Rating: Medium
Description: This Newdsn.exe file, which exists in the/scripts/tools directory, allows any user to create any file under the Web root directory, such as:
Http://xxx.xxx.xxx.xxx/scripts/tools/newdsn.exe?driver=microsoft%2baccess%2bdriver%2b%28*.mdb%29&dsn=evil2 +samples+from+microsoft&dbq=.. %2f.. %2fwwwroot%2fevil2.htm&newdb=create_db&attr=
Recommendation: Disable anonymous access to the/scripts/tools directory
Workaround: Delete the Newdsn.exe file


_______________________________________________________________________________

75
Type: Information type
Name: Showcode.asp_3
Risk Rating: Medium
Description: A code.asp file exists in/iissamples/exair/howitworks/that allows an intruder to view the contents of any ASCII file on the server's hard disk and to display the source code for the ASP program file
Recommendation: Disable anonymous access to/iissamples Web directories
Workaround: Delete the showcode.asp file



Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.