|
Family: CGI abuses --> Category: infos
Hosting Controller <= 6.1 Hotfix 3.1 Privilege Escalation Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks version of Hosting Controller
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains an ASP application that suffers from a
privilege escalation vulnerability.
Description :
According to its version number, the installation of Hosting
Controller on the remote host enables any authenticated user to gain
host admin rights and view all his resellers and change their
passwords.
See also :
http://www.milw0rm.com/exploits/1987
http://hostingcontroller.com/english/logs/hotfixlogv61_3_2.html
Solution :
Upgrade to version 6.1 if necessary and apply Hotfix 3.2 or later.
Threat Level:
Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:R/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|