GEN:SID 1:2209
Message WEB-CGI getdoc.cgi access
Summary This event is generated when an attempt is made to access getdoc.cgi on an internal web server. This may indicate an attempt to exploit an authorization bypass vulnerability on Infonautics document subscription sites.
Impact A malicious user may be able to access restricted documents without paying for them.
Detailed Information Infonautics provides online access to research materials, and uses getdoc.cgi to manage the document purchase and view process. A malicious user could alter the content of getdoc.cgi links in order to bypass the payment page, thereby freely viewing documents that they would normally pay money to access.
Affected Systems Infonautics web sites that use getdoc.cgi to manage document access.
Attack Scenarios An attacker sends a specially crafted HTTP request to an Infonautics site, and obtains documents that he/she would normally have to pay for.
Ease of Attack Moderate.
Corrective Action It is not known if a fix has been made available.
Additional References  
Rule References bugtraq: 4579
cve: 2000-0288
nessus: 11748