GEN:SID 1:2196
Message WEB-CGI catgy.cgi access
Summary This event is generated when an attempt is made to access catgy.cgi on an internal web server. This may indicate an attempt to exploit a cross-site scripting vulnerability in Aktivate e-commerce software.
Impact Arbitrary code execution, possible session hijack.
Detailed Information Aktivate 1.03 is an e-commerce application for use on Linux and other UNIX-based operating systems. An attacker can craft a URL that passes malicious code to catgy.cgi in the argument of its "desc" parameter. If a legitimate user activates the URL, the malicious code may be executed on the client computer, in the context of that user's browser session.
Affected Systems Systems running Aktivate 1.03.
Attack Scenarios An attacker may craft a URL that, when activated by a legitimate user, obtains the user's session cookie, thereby allowing the attacker to pose as the user for the duration of the session.
Ease of Attack Simple. A proof of concept exists.
Corrective Action It is not known if this vulnerability has been fixed. Contact the vendor, Allen & Keul Web Solutions (http://www.allen-keul.net), for more information.
Additional References http://www.securityfocus.com/bid/3714
Rule References bugtraq: 3714
bugtraq: 4579
cve: 2001-1212
nessus: 11748
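As an added example (not part of the Snort documentation or of the Aktivate project), the following Python scans web-server access-log lines for the condition this signature describes: requests for catgy.cgi, with the decoded "desc" argument inspected for HTML or script markup so that a plain category lookup can be told apart from an injection attempt. The log lines and addresses are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines in Common Log Format; not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Dec/2001:10:01:02 +0000] "GET /cgi-bin/catgy.cgi?desc=books HTTP/1.0" 200 512
10.0.0.7 - - [12/Dec/2001:10:01:09 +0000] "GET /cgi-bin/catgy.cgi?desc=%3Cscript%3E HTTP/1.0" 200 540
10.0.0.9 - - [12/Dec/2001:10:02:00 +0000] "GET /index.html HTTP/1.0" 200 1024
"""

# Common Log Format: client, ident, user, [timestamp], "METHOD URI PROTO", status, ...
CLF_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d+)'
)

# Angle brackets, quotes or a javascript: scheme have no place in a product
# category name; their presence in the reflected "desc" value is what turns a
# plain catgy.cgi access (the signature's trigger) into a likely XSS attempt.
MARKUP_RE = re.compile(r'[<>"\']|javascript:', re.IGNORECASE)


def classify(line):
    """Return None for lines that do not request catgy.cgi; otherwise a dict
    with the client address, the decoded desc value and a suspicion flag."""
    m = CLF_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("uri"))
    if "/catgy.cgi" not in parts.path.lower():
        return None
    # parse_qs percent-decodes the value, so "%3Cscript%3E" arrives as "<script>"
    desc_values = parse_qs(parts.query, keep_blank_values=True).get("desc", [])
    desc = desc_values[0] if desc_values else ""
    return {
        "src": m.group("src"),
        "ts": m.group("ts"),
        "desc": desc,
        "suspicious": bool(MARKUP_RE.search(desc)),
    }


def scan(log_text):
    """Every catgy.cgi access in the log, in order, each with its suspicion flag."""
    return [hit for hit in (classify(l) for l in log_text.splitlines()) if hit]


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```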