Synopsis
The remote host may give an attacker information useful for future attacks.
Description
The remote host is running the Network Query Tool CGI script. This script allows anonymous, remote users to perform port scans, whois, DNS queries, ping, traceroute, and more via a web interface. An attacker coming upon this application would be able to use the script to perform discovery scanning against any range of addresses. This would include, but not be limited to, internal IP ranges.
Solution
Ensure that this application is valid with respect to corporate policies and guidelines. If the application is required, consider using Access Control Lists (ACLs) or other security measures to block unauthorized usage.
