Summary
The AlienForm CGI script allows an attacker
to view any file on the target computer, append arbitrary data to an existing file, and write arbitrary data to a new file.
The AlienForm CGI script is installed as either af.cgi or alienform.cgi
For more details, please see:
http://online.securityfocus.com/archive/1/276248/2002-06-08/2002-06-14/0
Solution
Disable AlienForm
Severity
Classification
-
CVE CVE-2002-0934 -
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N
Related Vulnerabilities
- Apache Archiva Cross Site Request Forgery Vulnerability
- APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
- Apache Tomcat DOS Device Name XSS
- AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
- Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities