| Nph-test-cgi file listing vulnerability | |
|---|---|
| Risk Level: | Medium |
| Check or Attack Name: | nphtestcgi |
| Platforms: | NCSA Servers: Old, Apache: Old, Common Gateway Interface (CGI) |
| Description: | The nph-test-cgi program contains a vulnerability that allows a remote attacker to list the contents of any readable directory on a web server. With such a listing, the attacker can inventory the system and quickly determine other likely vulnerabilities or targets. This vulnerability is also commonly present in the test-cgi program. The nph-test-cgi program is installed by default with Apache web servers up to and including v1.0.5. It is also installed with some versions of the NCSA web server. |
| Remedy: | The nph-test-cgi script is included in web server packages as a code sample and is not required for normal operation, so it should be removed from the cgi-bin directory. Starting with v1.1.3, the Apache web server no longer includes nph-test-cgi in a default installation. |
| References: | L0pht Security Advisory, test-cgi vulnerability in certain setups, http://www.l0pht.com/advisories/test-cgi-vulnerability; CERT Advisory CA-97.07, Vulnerability in the httpd nph-test-cgi script, http://www.cert.org/advisories/CA-97.07.nph-test-cgi_script.html |
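
The remedy above, as an added audit script that is not part of the original entry: it searches the CGI directories passed to it for the two sample scripts this entry names (nph-test-cgi and test-cgi) and reports whether each is still executable. The function name, status labels and example directory paths are assumptions.

```shell
#!/bin/sh
# Added example (not from the original entry): report leftover sample CGI
# scripts so they can be removed, as the Remedy field recommends.
# The function name, status labels and example paths are assumptions.

# audit_sample_cgi DIR...
# Prints "<STATUS> <path>" for every file named nph-test-cgi or test-cgi
# found under each DIR (subdirectories included):
#   EXECUTABLE  the current user is able to execute the file
#   PRESENT     the file exists but is not executable
# Returns 1 if anything was found, 0 if the directories are clean.
audit_sample_cgi() {
    audit_rc=0
    for audit_dir in "$@"; do
        if [ ! -d "$audit_dir" ]; then
            echo "SKIP $audit_dir (not a directory)" >&2
            continue
        fi
        # Exact-name match only; -type f ignores directories and symlinks.
        audit_list=$(find "$audit_dir" -type f \
            \( -name nph-test-cgi -o -name test-cgi \) 2>/dev/null)
        while IFS= read -r audit_path; do
            [ -n "$audit_path" ] || continue
            if [ -x "$audit_path" ]; then
                echo "EXECUTABLE $audit_path"
            else
                echo "PRESENT $audit_path"
            fi
            audit_rc=1
        done <<EOF
$audit_list
EOF
    done
    return "$audit_rc"
}

# Run against the directories given on the command line, for example:
#   sh audit_sample_cgi.sh /usr/local/apache/cgi-bin /var/www/cgi-bin
if [ "$#" -gt 0 ]; then
    audit_sample_cgi "$@"
fi
```

A PRESENT result still calls for removal, since the file only needs its execute bit restored to become reachable again.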