Multiple Web Server printenv CGI Information Disclosure

medium Nessus Plugin ID 10188

Synopsis

The remote web server contains a CGI script that discloses information.

Description

The remote web server contains the 'test-cgi' test script, which is included by default with some web servers.

The printenv CGI returns its environment variables. This gives an attacker information like the installation directory, the server IP address (which is interesting if NAT is implemented), the server administrator's email address, the server and modules versions, the shell environment variables...

Solution

Remove printenv from /cgi-bin.

Plugin Details

Severity: Medium

ID: 10188

File Name: printenv.nasl

Version: 2.10

Type: remote

Family: CGI abuses

Published: 7/16/2010

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Manual analysis of the vulnerability

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: manual

Vulnerability Information

CPE: cpe:/a:apache:http_server

Vulnerability Publication Date: 2/2/2000