|
|
Family: Remote file access --> Category: infos
Anaconda remote file retrieval Vulnerability Scan
Vulnerability Scan Summary
Anaconda Foundation Directory remote file retrieval
Detailed Explanation for this Vulnerability Test
The remote Anaconda Foundation Directory contains a flaw
that allows anyone to read arbitrary files with root (super-user)
rights, by embedding a null byte in a URL, as in :
http://www.YOURSERVER.com/cgi-bin/apexec.pl?etype=odp&template=../../../../../../..../../etc/passwd%00.html&passurl=/category/
Solution : Contact your vendor for updated software.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
