MediumCheck or Attack Name: CGI nphpublish
A vulnerability in the nph-publish script version 1.0 through 1.1 could allow remote attackers to write to files that would normally not be accessible. Under certain circumstances, this hole could be used to gain access to the vulnerable machine.
Remove the vulnerable version of nph-publish from your CGI-BIN directory and upgrade to at least version 1.2, which fixes this problem.
Lincoln D. Stein, nph-publish script, http://stein.cshl.org/~lstein/server_publish/nph-publish.txt
