Sambar Server Batch CGI Vulnerability

Solution:
Sambar Technologies has made available a version of Sambar Server that does not ship with any batch files. However, since batch-file execution is still supported, attackers can still compromise a computer if batch files are uploaded to the 'cgi-bin' directory by any means.

This version (4.3 Beta 8) without batch files may be downloaded from the location below:

http://www.sambar.com/beta.htm



 

Privacy Statement
Copyright 2010, SecurityFocus