GEN:SID 1:2210
Message: WEB-CGI global.cgi access
Summary: This event is generated when an attempt is made to access global.cgi on an internal server. This may indicate an attempt to exploit an arbitrary command execution vulnerability in Global 3.55 on NetBSD.
Impact: Arbitrary code execution.
Detailed Information: Global is a source code tagging system for NetBSD. Versions 3.55 and earlier contain a vulnerability in which commands sent to global.cgi are improperly parsed, allowing attackers to execute arbitrary code in the security context of the web server.
Affected Systems: Systems running Global 3.55 or earlier on NetBSD.
Attack Scenarios: An attacker sends a specially crafted HTTP request to global.cgi on a vulnerable web server. The web server then attempts to execute the commands included in the URL.
Ease of Attack: Simple. Proof of concept exists.
Corrective Action: Upgrade to Global 4.01 or higher.
Additional References:
Bugtraq: http://www.securityfocus.com/bid/1854
Rule References:
bugtraq: 4579
cve: 2000-0952
nessus: 11748