|
Family: CGI abuses --> Category: attack
Resin Directory Traversal Vulnerability Vulnerability Scan
Vulnerability Scan Summary Tries to retrieve boot.ini using Resin
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is prone to directory traversal attacks.
Description :
The remote host is running Resin, an application server.
The installation of Resin on the remote host allows an unauthenticated
remote attacker to gain access to any file on the affected Windows
host, which may lead to a loss of confidentiality.
See also :
http://www.securityfocus.com/archive/1/434150/30/0/threaded
http://www.caucho.com/download/changes.xtp
Solution :
Upgrade to Resin 3.0.19 or later.
Threat Level:
Low / CVSS Base Score : 3.3
(AV:R/AC:L/Au:NR/C:C/I:N/A:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|