Summary
The 'ibillpm.pl' CGI is installed.
Some versions of this CGI use a weak password management system that can be brute-forced.
** No flaw was tested. Your script might be a safe version.
Solutions : upgrade the script if possible. If not:
1) Move the script elsewhere (security through obscurity) 2) Request that iBill fix it.
3) Configure your web server so that only addreses from ibill.com may access it.
Severity
Classification
-
CVE CVE-2001-0839 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- A-A-S Application Access Server Multiple Vulnerabilities
- Artifectx xClassified 'catid' SQL Injection Vulnerability
- Awstats Configuration File Remote Arbitrary Command Execution Vulnerability
- AjaxPortal 'di.php' File Inclusion Vulnerability
- Apple Safari PDF Javascript Security Bypass Bypass Vulnerability