GEN:SID 1:1607
Message WEB-CGI HyperSeek hsx.cgi access
Summary This event is generated when an attempt is made to access hsx.cgi on a
web server. This may indicate an attempt to exploit a vulnerability in
the Hyperseek 2000 search engine that allows read-access to directory
listings and files.
Impact Information gathering.
Detailed Information This event may indicate that an attempt has been made to exploit a
directory traversal vulnerability in HyperSeek 2000. An attacker can use
directory traversal techniques to view hidden files and directories on
the web server.
Affected Systems Web servers running iWeb Systems HyperSeek 2000 are vulnerable.
Attack Scenarios An attacker can use directory traversal techniques when executing
hsx.cgi to view directories and files on the web server.
Ease of Attack Simple. Exploits exist.
Corrective Action Apply the appropriate vendor supplied patches.

Uprade to the latest non-affected version of the software.
Additional References Bugtraq
http://www.securityfocus.com/bid/2314

CERT/CC
http://www.kb.cert.org/vuls/id/146704

CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0253

Nessus
http://cgi.nessus.org/plugins/dump.php3?id=10602
Rule References bugtraq: 2314
cve: 2001-0253
nessus: 10602