Family: CGI abuses --> Category: infos
readmsg.php detection Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of Cobal Cube webmail
Detailed Explanation for this Vulnerability Test
/base/webmail/readmsg.php was detected.
Some versions of this CGI allow remote users to read local
files with the permission of the web server.
Note that if the user has a shell access, this kind of attack is
*** Nessus just checked the existence of this file
*** but did not try to exploit the flaw.
Solution : get a newer software from Cobalt
Reference : http://online.securityfocus.com/archive/1/195165
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.