[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#231665: general: default scripts in /cgi-bin/ for webservers

Package: general
Severity: normal
Tags: security

Hi, the files /usr/lib/cgi-bin/printenv and /usr/lib/cgi-bin/test-cgi are normally installed with Apaches. But they present information to every webuser, that schould not be public. I would suggest not to put them into /cgi-bin/ by default. I suppose updating a systems leads to reinstallation of those files if they are deleted before?

Thilo Pfennig

-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux guru 2.6.0-1-386 #1 Tue Dec 23 17:54:12 EST 2003 i686
Locale: LANG=de_DE@euro, LC_CTYPE=de_DE@euro

Reply to: