Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

GNUMP3d < 2.9.6 Multiple Vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
Checks for multiple vulnerabilities in GNUMP3d < 2.9.6

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote streaming server is prone to directory traversal and cross-
site scripting attacks.

Description :

The remote host is running GNUMP3d, an open-source audio / video
streaming server.

The installed version of GNUMP3d on the remote host suffers fails to
completely filter out directory traversal sequences from request URIs.
By leveraging this flaw, a possible hacker can read arbitrary files on the
remote subject to the rights under which the server operates. In
addition, it fails to sanitize user-supplied input to several scripts,
which can be used to launch cross-site scripting attacks against the
affected application.

See also :

Solution :

Upgrade to GNUMP3d 2.9.7 or later.

Threat Level:

Medium / CVSS Base Score : 4

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.