Summary
The remote host is running Easy Message Board, a bulletin board system written in perl.
The remote version of this script contains an input validation flaw which may be used by an attacker to perform a directory traversal attack or execute arbitrary commands on the remote host with the privileges of the web server.
Solution
Upgrade to the newest version of this CGI or disable it
Severity
Classification
-
CVE CVE-2005-1549, CVE-2005-1550 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Artifectx xClassified 'catid' SQL Injection Vulnerability
- AjaxPortal 'di.php' File Inclusion Vulnerability
- Awstats Configuration File Remote Arbitrary Command Execution Vulnerability
- Alcatel-Lucent OmniPCX Enterprise Remote Command Execution Vulnerability
- 3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability