# Where is CGI-BIN ?



## Ronaldr (Jun 10, 2009)

Im trying to have my server made PCI DSS Compliant.

During a PCI Compliant Scan, It turned up 4 security holes that deal with CGI Abuses, It tells me to navigate to the CGI-BIN and remove the associated scripts. However I was not able to find the scripts or the directory "cgi-bin". Could someone please point me in the right direction ?

Here are the errors that are displayed in the scan



> Security hole found on port/service "http (80/tcp)"
> Plugin	 "guestbook.pl"
> Category	 "CGI abuses "
> Priority	 "Medium Priority "The 'guestbook.pl' is installed. This CGI has  a well known security flaw that lets anyone execute arbitrary  commands with the privileges of the http daemon (root or nobody).
> ...





> Security hole found on port/service "http (80/tcp)"
> Plugin	 "uploader.exe"
> Category	 "CGI abuses "
> Priority	 "Urgent "Synopsis :  The remote web server contains a CGI script that is prone to arbitrary command execution.   Description :  The remote web server contains a CGI script named 'uploader.exe' in '/cgi-win'.  Versions of O'Reilly's Website product before 1.1g included a script with this name that allows an attacker to upload arbitrary CGI and then execute them.
> ...





> Security hole found on port/service "http (80/tcp)"
> Plugin	 "Apache::ASP source.asp"
> Category	 "Web Servers "
> Priority	 "Urgent "Synopsis :  The remote web server is affected by an arbitrary file creation vulnerability.  Description :  The file /site/eg/source.asp is present on the remote Apache web server.  This file comes with the Apache::ASP package and allows anyone to write to files in the same directory. An attacker may use this flaw to upload his own scripts and execute arbitrary commands on this host.
> ...





> Security hole found on port/service "http (80/tcp)"
> Plugin	 "cgiWebupdate.exe vulnerability"
> Category	 "CGI abuses "
> Priority	 "Medium Priority "The CGI 'cgiWebupdate.exe' exists on this webserver.   Some versions of this file are vulnerable to remote exploit.  An attacker can use this hole to gain access to confidential data or escalate their privileges on the web server.
> ...


----------



## DutchDaemon (Jun 10, 2009)

[cmd=]grep cgi- httpd.conf[/cmd], perhaps?


----------

