SCAN: FormHandler.cgi access
This signature detects attempts to access the script ForHandler.cgi. This script has multiple vulnerabilities and is a common target for network vulnerability scanners.
Extended Description
Any file that the FormHandler.cgi has read access to (the cgi is typically run as user 'nobody' on Unix systems) can be specified as an attachment in a reply email. This could allow an attacker to gain access to sensitive files such as /etc/passwd simply by modifying the form document.
Affected Products
Matt_wright formhandler.cgi
References
BugTraq: 799
CVE: CVE-1999-1050
URL: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=1999-1050 http://www.securityfocus.com/bid/798
Short Name
SCAN:MISC:HTTP:FORMHANDLER
Severity
Info
Recommended
False
Recommended Action
None
Category
SCAN
Keywords
CVE-1999-1050 FormHandler.cgi access bid:799
Release Date
12/08/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Rarely
Vendors
Matt_wright
CVSS Score
5.0