Last FSL update contained this vuln (Update 29, April)
After update, I found this vuln in my scan result.
But we don't have this Webcom guestbook.cgi.
Actually this server dosen't installed any CGI.
Is this false positive?
What I miss?
10204 - Webcom Guestbook.cgi Arbitrary Command Execution Vulnerability
Category: General Vulnerability Assessment -> NonIntrusive -> Web Server
Risk Level: Medium
An arbitrary command execution vulnerability is present in some versions of Webcom Guestbook.cgi.
guestbook.cgi is a specific CGI script which helps to post various mails and digests for a particular topic.
An arbitrary command execution vulnerability is present in some versions of Webcom Guestbook.cgi
Solved! Go to Solution.
Please see the following Knowledge Base Article regarding how to submit possible False Postive issues to support:
I hope that helps!
Thanks to support me.
I read that article but i don't try that yet.
But today I got a FSL update mail and it contained this vuln's update.
Risk level goes down to medium and FASL script is updated.
I think that vuln will be not found anymore.
Check "McAfee foundstone fsl update" on jun-03.