HTTP CGI Gives Information

Updated 11/30/01

Impact

If a malicious user is able to exploit this vulnerability, he or she may be able acquire information about the Web-server and system settings of the exploited system. In certain circumstances, a hacker may even be able to gather information about user accounts on the affected system. A malicious user may then be able to gain unauthorized access to the system using this information (remember, a hacker's best weapon is knowledge!) For example, if a hacker is able to learn information about the operating system of the target, he or she will then be able to gear certain attacks (such as buffer overflows) towards that specific operating system.

Background

This section is only available with the purchase of SAINTwriter™ or SAINTexpress™.

The Problems

This section is only available with the purchase of SAINTwriter™ or SAINTexpress™.

Resolutions

This section is only available with the purchase of SAINTwriter™ or SAINTexpress™.

Where can I read more about this?

This section is only available with the purchase of SAINTwriter™ or SAINTexpress™.