Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

Ecartis Username Spoofing Vulnerability Scan

Vulnerability Scan Summary
Searches for the existence of lsg2.cgi

Detailed Explanation for this Vulnerability Test

The remote host is running the Ecartis Mailing List Manager
web interface (lsg2.cgi).

There is a vulnerability in versions older than 1.0.0 snapshot 20030227
which allows a possible hacker to spoof a username while changing passwords,
thus gaining the control of the mailing list.

*** Nessus solely relied on the version number of this CGI,
*** so this might be a false positive.

Solution : Upgrade to version 1.0.0 snapshot 20030227
Threat Level: Medium

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.