Command Interpreters
--------------------

CVE Number: 
CAN-1999-0509

Details:
Command interpreters in the CGI directory can allow for unauthorized
remote command execution.  One or more of the following command
interpreters was found in the CGI directory:

 perl.exe
 perl
 sh
 csh
 ksh
 bash
 ash
 tcsh
 rksh
 rsh
 zsh

Fix:
It is recommended that the command interpreters be removed from the CGI
directory.  If command interpreters are required, they should be placed
in a seperate directory.  CGI programs that call interpreters should
only call interpreters that are stored outside of the CGI directory.

Related URLs:
None

$Id: command-interpreters,v 1.1 2000/11/06 15:34:12 loveless Exp $
