Nph-publish.cgi Network Vulnerability

Summary

The 'nph-publish.cgi' is installed. This CGI has a well known security flaw that lets an attacker to execute arbitrary commands with the privileges of the http daemon (usually root or nobody).

Solution

remove it from /cgi-bin.

Severity

Classification

CVE CVE-1999-1177, CVE-2001-0400

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ATutor < 1.5.1-pl1 Multiple Flaws
Adobe ColdFusion Multiple Vulnerabilities-02 May-2014
Andy's PHP Knowledgebase 'step5.php' Remote PHP Code Execution Vulnerability
Apache Struts ClassLoader Manipulation Vulnerabilities
Admin Bot 'news.php' SQL Injection Vulnerability

Take action and discover your vulnerabilities