Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

BulletScript MailList bsml.pl Information Disclosure Vulnerability Scan


Vulnerability Scan Summary
Determine if MiniBB can be used to execute arbitrary commands

Detailed Explanation for this Vulnerability Test

The remote host is using BulletScript's bsml.pl, the web interface to a mailing
list manager.

The lack of authentication in this CGI may allow a possible hacker to gain
control on the email addresses database of the remote mailing list. A possible hacker
may use it to add or remove an e-mail address or to gather the list of
subscribers to the remote mailing list for spam purposes.

Solution: Disable this CGI
Threat Level: Medium

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.