|
|
Family: CGI abuses --> Category: attack
FtpLocate fsite Parameter Command Execution Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for fsite parameter command execution vulnerability in FtpLocate
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a Perl script that is allows arbitrary
commands to be executed.
Description :
The remote host is running FtpLocate, a web search engine for FTP
sites written in Perl.
The installed version of FtpLocate allows remote attackers to execute
commands on the remote host by manipulating input to the 'fsite'
parameter in various scripts.
See also :
http://www.securityfocus.com/archive/1/406373/30/0/threaded
Solution :
Unknown at this time.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
