SCAN: OReilly WebSite win-c-sample.exe Probe
This signature detects attempts to access a sample script (win-c-sample.exe) that shipped with O'Reilly Web Site. This sample script is vulnerable to buffer overflows and is a common target of Web scanners.
Extended Description
O'Reilly WebSite (Pro) is a Windows 95/NT Web Server package. Versions 2.0 and below contained a vulnerable sample script, win-c-sample.exe, placed by default in /cgi-shl/ off the web root directory. This program is vulnerable to a buffer overflow, allowing for execution of arbitrary commands on the host machine with the privileges of the web server. Consequences of successful exploitation could range from destruction of data and web site defacement to elevation of privileges through locally exploitable vulnerabilities.
Affected Products
Oreilly_software website
Short Name
SCAN:MISC:HTTP:WIN-C-SAMPLE
Severity
Info
Recommended
False
Recommended Action
None
Category
SCAN
Keywords
CVE-1999-0178 OReilly Probe WebSite bid:2078 win-c-sample.exe
Release Date
02/22/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Rarely
Vendors
Oreilly_software
CVSS Score
7.5