test-cgi

I would like to know if this test-cgi exploit is really a security vulnerability.  If so, please explaine how so.  What could someone do with this information.  And how is this so valueable.  Airn't you able to get this info other ways?

Thank you
Boot_DiskAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
ahoffmannConnect With a Mentor Commented:
hmm, you're speaking in miracles (at least to me):

I've hundreds of "test-cgi"s, and most of them have no exploits (exceptions see below;-)

So it would be nice if you give an example (link or code) of YOUR TEST-CGI.
Or if you like a general answer:
  - each test-cgi has exploits, somehow, somewhere
  - each test-cgi is vulnerable in that way that it allows to read and/or modify data on the server or on your client somehow
Just a test-cgi which is never executed is not vulnerable, 'cause its exploits never occour, some kind of write-only program ;-)
Probably not the answer you expect, so please give some more details.
0
 
ahoffmannCommented:
which test-cgi?
0
 
Boot_DiskAuthor Commented:
lets say:  http://www.site.com/cgi-bin/test-cgi?/*
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

 
ahoffmannCommented:
which exploit?
0
 
Boot_DiskAuthor Commented:
The exploit of test-cgi!!  what do you think.  If you don't know anything about it, then forget answering me.  Thank you.
0
 
Boot_DiskAuthor Commented:
That is great.  Thank you :)  That was just what I was looking for.
0
 
ahoffmannCommented:
thought you need an explanation of a special exploit, didn't expect that you're interrested in such a general answer ;-)

BTW, I made a mistake: test-cgi cannot read/modify data on the client, just on the server
0
 
Boot_DiskAuthor Commented:
the exploit I was really looking at waht this one:

http://packetstormsecurity.org/advisories/l0pht/l0pht.test-cgi

If yha want to have another look.
0
All Courses

From novice to tech pro — start learning today.