GEN:SID 1:2199
Message WEB-CGI multidiff.cgi access
Summary This event is generated when an attempt is made to access multidiff.cgi on an internal web server. This may indicate an attempt to exploit an information disclosure vulnerability in Mozilla Bonsai 1.3.
Impact Information gathering.
Detailed Information Mozilla Bonsai, a CVS query tool, contains an information disclosure vulnerability in multidiff.cgi. An attacker can discover the location of the Mozilla Bonsai application by sending a malformed request to the application, which produces an error. The error message shows the full path of the multidiff.cgi file, providing the attacker with information about the server directory structure.
Affected Systems Any system running Mozilla Bonsai 1.3.
Attack Scenarios An attacker sends an erroneous request to multidiff.cgi on the Bonsai server. The error message returns the full path of the script, allowing the attacker to discover more information about the server directory structure for possible use in later attacks.
Ease of Attack Simple. Proof of concept exists.
Corrective Action Upgrade to a newer build of Mozilla Bonsai 1.3.

If you are running Mozilla Bonsai on Debian 3.0, Debian has provided patches at http://security.debian.org/pool/updates/main/b/bonsai/.
Additional References Bugtraq
http://www.securityfocus.com/bid/5517
Rule References bugtraq: 4579
bugtraq: 5517
cve: 2003-0153
nessus: 11748