|
Family: CGI abuses --> Category: infos
A1Stats Traversal Vulnerability Scan
Vulnerability Scan Summary Checks if A1Stats reads any file
Detailed Explanation for this Vulnerability Test
The 'a1disp.cgi' CGI script was found on
this system. The script allows a possible hacker to view any file
on the target computer by requesting :
GET /cgi-bin/a1disp*.cgi?/../../../../etc/passwd
Solution : Delete the 'a1disp.cgi' script.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|