CVE-2006-0767

CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information...

CVE-2006-0767

CVE-2006-0767 affects CGIWrap prior to 3.10. The vulnerability allows remote attackers to obtain sensitive information due to errors in scripts that reveal system information. Affected: CGIWrap

CVE-2006-0767

CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information...

[SA18797] CGIWrap Error Message System Information Disclosure

TITLE: CGIWrap Error Message System Information Disclosure SECUNIA ADVISORY ID: SA18797 VERIFY ADVISORY: http://secunia.com/advisories/18797/ CRITICAL: Not critical IMPACT: Exposure of system information WHERE: From remote SOFTWARE: CGIWarp 3.x http://secunia.com/product/8052/ DESCRIPTION: A...

Cobalt RaQ2 cgiwrap

'cgiwrap SPDX-FileCopyrightText: 1999 Mathieu Perrin Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10041";...

CVE-2005-3254

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian...

CVE-2005-3255

The 1 cgiwrap and 2 php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugging CGIs under the web document root, which allows remote attackers to obtain sensitive information via direct requests to those CGIs...

CVE-2005-3255

The 1 cgiwrap and 2 php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugging CGIs under the web document root, which allows remote attackers to obtain sensitive information via direct requests to those CGIs...

CVE-2005-3254

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian...

CVE-2005-3254

The CVE-2005-3254 issue affects CGIwrap prior to 3.9 on Debian GNU/Linux, where the minimum UID checked for seteuid operations is incorrectly set to 100 instead of 1000. This mismatch can allow an attacker to execute code as other system UIDs greater than the minimum value, as described in multip...

CVE-2005-3255

The CVE-2005-3255 issue affects the Debian GNU/Linux packages cgiwrap and php-cgiwrap (before version 3.9), where debugging CGI scripts under the web document root are exposed and can be directly requested by remote attackers to obtain sensitive information. This description is supported by multi...

CVE-2005-3254

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian...

CVE-2005-3255

The 1 cgiwrap and 2 php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugging CGIs under the web document root, which allows remote attackers to obtain sensitive information via direct requests to those CGIs...

DTSA-6-1 cgiwrap - multiple vulnerabilities

Bulletin has no description...

CVE-1999-1530

cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system...

CVE-2001-0987

Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap...

CVE-1999-1530

CVE-1999-1530 affects Cobalt RaQ2/RaQ3i environments where the cgiwrap component fails to properly identify users when running scripts. This allows a malicious site administrator to view or modify data located at another virtual site on the same system. The vulnerability is documented in CVE-1999...

CVE-2001-0987

CVE-2001-0987 is a Cross-site Scripting vulnerability in CGIWrap before version 3.7. It allows remote attackers to inject arbitrary Javascript into error messages generated by CGIWrap, enabling execution on other web clients. The entry includes a high severity rating (CVSS v2 base score 7.5) and ...

CVE-2001-0987

Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap...

CGIWrap 2.x/3.x - Cross-Site Scripting

source: https://www.securityfocus.com/bid/3081/info CGIWrap is a free, open-source program for running CGI securely. CGIWrap does not filter embedded scripting commands from user-supplied input. A web user may submit a malicious link into any form which displays user-supplied input, such as...