漏洞关键信息 漏洞概述 漏洞名称: CGIWrap error message can be manipulated to compromise Web browsers CVE ID: CVE-2008-2852 CVSS评分 Base Score: 4.3 - Access Vector: Network - Access Complexity: Medium - Authentication: None - Confidentiality Impact: None - Integrity Impact: Partial - Availability Impact: None Temporal Score: 3.7 - Exploitability: High - Remediation Level: Official Fix - Report Confidence: Confirmed 影响范围 受影响产品: - Nathan Neulinger CGIWrap 4.0 - Nathan Neulinger CGIWrap 3.5 - Nathan Neulinger CGIWrap 3.6 - Nathan Neulinger CGIWrap 3.6.1 依赖产品: - TurboLinux TurboLinux Appliance Server 1.0 Hosting Ed - TurboLinux TurboLinux Appliance Server 1.0 Workgroup Ed - TurboLinux TurboLinux Appliance Server 2.0 - TurboLinux TurboLinux FUJI 后果 后果: Gain Access 解决方案 修复措施: 升级到最新版本的CGIWrap(4.1或更高版本),可从SourceForge.net: Files获取。