HTTP CGI Access

Updated 12/13/01

Impact

Local and remote users may be able to execute arbitrary commands on the HTTP server with the privileges of the httpd daemon. This may be used to compromise the HTTP server and, under certain configurations, gain privileged access.

Background

The remainder of this tutorial is only available with the purchase of SAINTwriter™ or SAINTexpress™.

The Problems and Resolutions

Where can I read more about this?