FastCGI sample echo.exe cross site scripting 1.0
 
Plugin ID304
Plugin nameFastCGI sample echo.exe cross site scripting
Plugin filenameFastCGI sample echo.exe cross site scripting.plugin
Plugin filesize2646 bytes
Plugin familyCGI
Plugin created nameMarc Ruef
Plugin created emailmarc.ruef at computec.ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2005/01/04
Plugin version1.0
Plugin protocoltcp
Plugin port80
Plugin procedure exploitopen|send GET /fcgi-bin/echo.exe?foo=<script>atk</script> HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ### *<script>atk</script>*
Plugin exploit accuracy98
Plugin commentThe NASL script is Copyright (C) 2002 Matt Moore
Bug affectedFastCGI
Bug vulnerability classCross Site Scripting
Bug descriptionTwo sample CGI's supplied with FastCGI are vulnerable to cross-site scripting attacks. FastCGI is an 'open extension to CGI that provides high performance without the limitations of server specific APIs', and is included in the default installation of the 'Unbreakable' Oracle9i Application Server. Various other web servers support the FastCGI extensions (Zeus, Pi3Web etc). Two sample CGI's are installed with FastCGI, (echo.exe and echo2.exe under Windows, echo and echo2 under Unix). Both of these CGI's output a list of environment variables and PATH information for various applications. They also display any parameters that were provided to them. Hence, a cross site scripting attack can be performed via a request.
Bug solutionAlways remove sample applications from production servers.
Bug fixing timeApprox. 1 hour
Bug exploit availabilityYes
Bug remoteYes
Bug localYes
Bug severityHigh
Bug popularity6
Bug simplicity8
Bug impact8
Bug risk7
Bug Nessus riskHigh
Bug check toolsNessus can check this flaw with the plugin 10838 (FastCGI samples Cross Site Scripting).
Source Nessus ID10838
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.