|
Family: CGI abuses --> Category: attack
ListManager Error Message Information Disclosure Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for error message information disclosure vulnerability in ListManager
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is vulnerable to an information disclosure
vulnerability.
Description :
The remote host appears to be running ListManager, a web-based
commercial mailing list management application from Lyris.
In response to a request for a non-existent page, the version of
ListManager on the remote host returns sensitive information such as
the installation path and software version as well as possibly SQL
queries, code blocks, or the entire CGI environment.
See also :
http://metasploit.com/research/vulns/lyris_listmanager/
http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0349.html
Solution :
Unknown at this time.
Threat Level:
Low / CVSS Base Score : 2.3
(AV:R/AC:L/Au:NR/C:P/I:N/A:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|