info2www
--------

CVE Number: 
CVE-1999-0266

Details:
The info2www cgi script was found on the system. Multiple versions of this
program exist, some are vulnerable to remote command execution. To determine
if your version is vulnerable, check the code to see if it is passing
parameters to open() without stripping metacharacters. If it is, you are
vulnerable.

Fix:
It is recommended that the file be removed from the system, or replaced with
a secure version.

Related URLs:
http://www.securityfocus.com/templates/archive.pike?list=1&msg=E0y9pqT-0003hm-00@ash2.doc.ic.ac.uk

$Id: info2www,v 1.1 2000/11/06 15:34:19 loveless Exp $
