Account Manager
---------------

CVE Number: 
None

Details:
The amadmin.pl cgi script was found on the system. This is used by Account
Manager. Early versions of this script allow an attacker to overwrite the admin
password and subsequently allow the attack to upload their own files for
remote execution.

Fix:
It is recommended that the file be removed from the system, or upgraded to
the latest version.

Related URLs:
http://archives.neohapsis.com/archives/bugtraq/2000-08/0291.html
http://archives.neohapsis.com/archives/bugtraq/2000-08/0297.html
http://www.cgiscriptcenter.com/acctlite/

$Id: acctmngr,v 1.1 2000/11/06 15:34:04 loveless Exp $
