processit CGI Environment Variable Remote Information Disclosure

medium Nessus Plugin ID 10649

Synopsis

The remote web is affected by an information disclosure vulnerability.

Description

The 'processit' CGI is installed. processit normally returns all environment variables.

This gives an attacker valuable information about the configuration of your web server.

Solution

Remove it from /cgi-bin.

Plugin Details

Severity: Medium

ID: 10649

File Name: processit.nasl

Version: 1.18

Type: remote

Family: CGI abuses

Published: 4/16/2001

Updated: 1/19/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Vulnerability Publication Date: 1/1/2000

Detections

Analytics