|
Family: CGI abuses --> Category: mixed
Hosting Controller addsubsite.asp Security Bypass Vulnerability Scan
Vulnerability Scan Summary Checks for addsubsite.asp security bypass in Hosting Controller
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains an ASP script that is susceptible
to unauthorized access.
Description :
The version of Hosting Controller installed on the remote host does
not properly validate access to administrative scripts. A possible hacker
can exploit this flaw to register accounts simply by passing arguments
to the 'addsubsite.asp' script.
See also :
http://isun.shabgard.org/hc3.txt
Solution :
Apply hotfix 2.0 or later to version 6.1.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:N/A:N/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|