Summary
The remote web server is running two CGIs (environ.pl and testcgi.exe) which, by default, disclose a lot of information about the remote host (such as the physical path to the CGIs on the remote filesystem).
Solution
Delete these two CGIs
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
- Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
- Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
- Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities