Support
Eng
òÕÓ
Company
Home
Services
Security Assessment
Website Security Audit
Network Penetration Testing
Solutions
DataCenter GreenZone
Web Application Security
Vulnerability Assessment
Intrusion Protection System
Documentation
News and Events
Register
|
LogIn
Knowledgebase
Downloads
Glossary
Ask a Question
Search:
Advanced search
Please enter a keyword or ID
SHALB.com
/
Security Knowledgebase
/
Network Security
/
Gain root remotely
/ 4D WebStar Arbitrary Directory Listing
server monitoring
4D WebStar Arbitrary Directory Listing
Article ID: 14196
Last updated: 27 Jan, 2009
Print
Email to friend
Views: 409
Posted: 22 Jan, 2009
by: Tech Pubs S.
Updated: 27 Jan, 2009
by: Tech Pubs S.
4D WebStar Arbitrary Directory Listing
This script is Copyright (C) 2004-2008 Tenable Network Security, Inc.
Family
Gain root remotely
Plugin ID
14196
Bugtraq ID
10721
CVE ID
CVE-2004-0696
Description:
The remote server is running 4D WebStar Web Server.
The remote server is vulnerable to two issues :
- An attacker may be able to obtain the listing of a directory by appending
a star (*) to the directory name
- An attacker may obtain the file php.ini by requesting /cgi-bin/php.ini
Solution : Upgrade to 4D WebStar 5.3.3 or newer
Risk factor : Medium
This article was:
Helpful
|
Not Helpful
Prev
Next
Webserver4everyone too long URL
FTGate4 IMAP EXAMINE Command Remote Overflow
server monitoring
