2. Vulnerable CGI programs and application extensions (e.g., ColdFusion) installed on web servers.
Most web servers support Common Gateway Interface (CGI) programs to provide interactivity in web pages, such as data collection and verification. Many web servers come with sample CGI programs installed by default.
Versions Affected: Any web server with CGI support
CVE Entry:
Sample CGI Programs: CAN-1999-0736, CVE-1999-0067, CVE-1999-0068, CVE-1999-0270, CVE-1999-0346, CVE-2000-0207
CGI Vulnerabilities not including sample programs: CAN-1999-0467, CAN-1999-0509, CVE-1999-0021, CVE-1999-0039, CVE-1999-0058, CVE-1999-0147, CVE-1999-0148, CVE-1999-0149, CVE-1999-0174, CVE-1999-0177, CVE-1999-0178, CVE-1999-0237, CVE-1999-0262, CVE-1999-0279, CVE-1999-0771, CVE-1999-0951, CVE-2000-0012, CVE-2000-0039, CVE-2000-0208
ColdFusion Sample Program Vulnerabilities: CAN-1999-0455, CAN-1999-0922, CAN-1999-0923
ColdFusion Other Vulnerabilities: CAN-1999-0760, CVE-2000-0057
Details: VLAD the Scanner scans for each of the CGI vulnerabilities identified by SANS, and also for additional CGI vulnerabilities that are considered security issues. Click here to see a complete list of all the CGI vulnerabilities that VLAD scans for.
Recommendations: Some general recommendations can be made to deal with CGI issues. Do not run web servers as root. Remove all sample scripts. Educate your staff to write safer CGI scripts. Run web servers in a chroot()ed environment to protect against unknown exploits.
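A local audit for the recommendations above, as an added example that is not part of VLAD or the original page. It flags files in a CGI directory whose names match scripts named in the CERT advisories linked on this page or match an interpreter, and reports web daemons that have no unprivileged process; the name lists and daemon names are assumptions to adapt to your server.

```shell
#!/bin/sh
# Added example: local audit for the recommendations above. The name lists
# below are assumptions for illustration; they are not VLAD's check list.
FLAGGED_NAMES="nph-test-cgi webdist.cgi Count.cgi"  # named in the CERT advisories linked on this page
INTERPRETERS="perl sh bash csh ksh tclsh python"   # CA-96.11: keep these out of cgi-bin
WEB_DAEMONS="httpd apache apache2 nginx"           # assumed daemon names

# audit_cgi_dir DIR: print one finding per line; return 1 if anything was found.
audit_cgi_dir() {
    dir=$1
    found=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        for s in $FLAGGED_NAMES; do
            if [ "$name" = "$s" ]; then
                echo "FLAGGED $name"
                found=1
            fi
        done
        for i in $INTERPRETERS; do
            case $name in
                "$i"|"$i".exe) echo "INTERPRETER $name"; found=1 ;;
            esac
        done
    done
    return "$found"
}

# root_only_daemons: read "user command" lines on stdin and print each web
# daemon that has no unprivileged process at all. A root-owned parent with
# unprivileged workers (the usual Apache layout) is not reported.
root_only_daemons() {
    awk -v names="$WEB_DAEMONS" '
        BEGIN { n = split(names, a, " "); for (k = 1; k <= n; k++) want[a[k]] = 1 }
        ($2 in want) { if ($1 == "root") root[$2]++; else other[$2]++ }
        END { for (d in root) if (!(d in other)) print "ROOT-ONLY " d }
    '
}

# Stand-alone use: ./audit.sh /path/to/cgi-bin
if [ $# -gt 0 ]; then
    ps -e -o user= -o comm= | root_only_daemons
    audit_cgi_dir "$1"
fi
```

A clean result only means none of the listed names are present; CGI scripts written in-house still need review.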
Additional Information:
http://www.cert.org/advisories/CA-96.11.interpreters_in_cgi_bin_dir.html
http://www.cert.org/advisories/CA-97.07.nph-test-cgi_script.html
http://www.cert.org/advisories/CA-96.06.cgi_example_code.html
http://www.cert.org/advisories/CA-97.12.webdist.html
http://www-4.ibm.com/software/developer/library/secure-cgi
http://www.cert.org/tech_tips/cgi_metacharacters.html
http://www.cert.org/advisories/CA-97.24.Count_cgi.html
http://www.sans.org/topten.htm