Code: p97

Severity: Notice


Description: The cachemgr.cgi script is distributed with the Squid proxy as a tool for managing and viewing statistics about a running cache server. It is not installed into a system's web server CGI directory by default, but on some systems, namely Red Hat Linux, the cachemgr.cgi script can be found in this directory with no access controls in place. A remote attacker can use this script to connect to arbitrary hosts and ports, which could be used to "proxy" port scans through vulnerable systems.

Impact: All systems.

Corrective: Check whether the cachemgr.cgi script is on your system. If it is, remove the "cachemgr.cgi" script from your server's CGI-BIN directory.
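The check in the corrective step, as an added shell example that is not part of the original advisory. The function name `audit_cachemgr` and the default directory list are assumptions; pass the CGI directories your web server actually uses.

```shell
#!/bin/sh
# Added example: audit web server CGI directories for a leftover cachemgr.cgi.
# DEFAULT_CGI_DIRS is an assumed list of common locations, not taken from
# the advisory; override it by passing directories as arguments.
DEFAULT_CGI_DIRS="/var/www/cgi-bin /usr/lib/cgi-bin /home/httpd/cgi-bin /usr/local/apache/cgi-bin"

# audit_cachemgr [DIR...]
# Prints one line per copy found:
#   EXPOSED <path>  at least one execute bit is set, so the web server can run it
#   PRESENT <path>  no execute bit set, but the file should still be removed
# Returns 0 when no copy exists, 1 when at least one was found.
# Usage: audit_cachemgr                 (scan the default list)
#        audit_cachemgr /srv/www/cgi-bin
audit_cachemgr() {
    [ "$#" -gt 0 ] || set -- $DEFAULT_CGI_DIRS
    report=$(
        for dir in "$@"; do
            # Skip locations that do not exist on this host.
            [ -d "$dir" ] || continue
            # Copies with any execute bit (user, group or other).
            find "$dir" -type f -name 'cachemgr.cgi' \
                \( -perm -100 -o -perm -010 -o -perm -001 \) -print 2>/dev/null |
                sed 's/^/EXPOSED /'
            # Copies with no execute bit at all.
            find "$dir" -type f -name 'cachemgr.cgi' \
                ! -perm -100 ! -perm -010 ! -perm -001 -print 2>/dev/null |
                sed 's/^/PRESENT /'
        done
    )
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}
```

Subdirectories are searched as well, since a CGI directory can contain nested script folders.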