Signature Detail
Short Name |
HTTP:CGI:LITESERV-CGI-DISC |
|---|---|
Severity |
Low |
Recommended |
No |
Category |
HTTP |
Keywords |
LiteServe CGI Alias Filter Source Disclosure |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: LiteServe CGI Alias Filter Source Disclosure
This signature detects attempts to exploit a known vulnerability in LiteServe for Win32. LiteServer 2.03 and earlier versions are vulnerable. Attackers can send a maliciously crafted HTTP GET request to the server to obtain the source of a CGI script.
Extended Description
By constructing a malicious web request, it is possible for a remote attacker to disclose the source code of CGI scripts. Information gained through exploiting this issue may aid an attacker in launching further attacks against the target system.
Affected Products
- Perception LiteServe 2.0.0
- Perception LiteServe 2.0.0 2
- Perception LiteServe 2.0.1
References
- BugTraq: 6188
- CVE: CVE-2002-1986
- URL: http://www.security.nnov.ru/search/document.asp?docid=3761