4 matches found
PGPMail.pl detection
The 'PGPMail.pl' CGI is installed. Some versions up to v1.31 a least of this CGI do not properly filter user input before using it inside commands. This would allow a cracker to run any command on your server. Note: OpenVAS just checked the presence of this CGI but did not try to exploit the flaw...
PGPMail.pl detection
The SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.11070";...
PGPMail.pl detection
The 'PGPMail.pl' CGI is installed. Some versions up to v1.31 a least of this CGI do not properly filter user input before using it inside commands. This would allow an attacker to run any command on the server. Note: Nessus just checked the presence of this CGI but did not try to exploit the flaw...
CVE-2001-0937
CVE-2001-0937 concerns PGPMail.pl CGI (up to version 1.31) where the recipient and pgpuserid CGI variables are not properly filtered before being passed to shell commands. This allows remote attackers to execute arbitrary commands on the server with the web server’s privileges. OpenVAS and Nessus...