GEN:SID 1:2243
Message WEB-MISC ndcgi.exe access
Summary This event is generated when an attempt is made to access the web cgi
application ndcgi.exe.
Impact Session hijacking. Unauthorized access to resources.
Detailed Information Certain versions of Netdynamics web application present an attacker with
the opportunity to steal session IDs and hijack user sessions from the
information contained in the SPIDERSESSION and uniqueValue variables.
Affected Systems Netdynamics 4.x through 5.x
Attack Scenarios The attacker can gain the information necessary to login using valid
user credentials by reading the information contained in the
SPIDERSESSION and uniqueValue variables.
Ease of Attack Simple.
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References  
Rule References cve: 2001-0922
nessus: 11730