3 matches found
CVE-2000-0431
Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files...
Cobalt RaQ2 cgiwrap Multiple Vulnerabilities
The remote host has 'cgiwrap' is installed. If you are running an unpatched Cobalt RaQ, the version of cgiwrap distributed with that system has a known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon root or nobody. This flaw exists only on the...
cobalt.cgiwrap.txt
There is a problem actually several with the "cgiwrap" program on Cobalt RaQ2 servers. It is supposed to run CGI programs as the proper user instead of "nobody" to make CGIs a little more secure. The Cobalt directory structure is as follows: /home/sites/site1/ - top level directory of the site...