MediumCheck or Attack Name: Novell Files Script
A problem in the 'files.pl' script distributed with the Novell WebServer Examples Toolkit v2 could allow a remote attacker to view the contents of any file or directory on vulnerable servers. The attacker would be limited to viewing files accessible to the user owning the server process.
Remove the 'files.pl' script from any production or sensitive servers on your network. It is a good practice to always remove sample scripts from the CGI-BIN directory of your web server before putting it into production.
WWW Security FAQ, Are there any known security problems with Novell WebServer?, http://www.w3.org/Security/Faq/wwwsf8.html#Q87
