Sambar Server before 6.0 beta 6 allows remote attackers to obtain sensitive information via direct requests to the default scripts (1) environ.pl and (2) testcgi.exe.Referenceshttp://www.sambar.com/security.htmhttp://secunia.com/advisories/9578http://securitytracker.com/id?1007819https://exchange.xforce.ibmcloud.com/vulnerabilities/13305http://www.idefense.com/application/poi/display?id=103&type=vulnerabilities&flashstatus=true
