This script is Copyright (C) 1999-2011 Mathieu Perrin
Arbirtrary commands might be run on the remote host.
The 'formmail.pl' is installed. This CGI has a well known security flaw
that lets anyone execute arbitrary commands with the privileges of the
HTTP daemon (root or nobody).
Remove it from /cgi-bin.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true