|
Family: CGI abuses --> Category: infos
VsSetCookie.exe vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for the VsSetCookie.exe file
Detailed Explanation for this Vulnerability Test
The file VsSetCookie.exe exists on this webserver.
Some versions of this file are vulnerable to remote exploit.
Solution : remove it from /cgi-bin.
To manually test the server, you can try:
http:///cgi-bin/VsSetCookie.exe?vsuser=
With a correctly guessed User Name, you will gain full access to the CGI.
*** As Nessus solely relied on the banner of the remote host
*** this might be a false positive
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|