SCAN: Webcom CGI Guestbook Scripts

This signature detects attempts to access the Webcom CGI Guestbook programs rguest.exe and wguest.exe. These programs contain multiple vulnerabilities that enable users to read arbitrary files on the web server.

Extended Description

The freeware guestbook package from freeware.webcom.se provides a web-based guestbook feature implemented as CGI programs. Some versions of this guestbook (which ones was undetermined at the time of writing) are vulnerable to an attack that lets an intruder retrieve the contents of arbitrary files to which the web server has access. The attacker does this by passing the path and filename in the "template" parameter to either rguest.exe or wguest.exe (see Exploit for an example). These two programs typically reside in /cgi-bin.

Affected Products

Webcom_datakommunikation guestbook

Short Name
SCAN:MISC:HTTP:WEBCOM-EXE
Severity
Info
Recommended
False
Recommended Action
None
Category
SCAN
Keywords
CGI CVE-1999-0467 Guestbook Scripts Webcom bid:2024
Release Date
12/08/2004
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Rarely
Vendors

Webcom_datakommunikation

CVSS Score

5.0
