|
Family: CGI abuses --> Category: infos
Web Wiz Site News / Compulsize Media CNU5 database disclosure Vulnerability Scan
Vulnerability Scan Summary Checks for news.mdb
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains an ASP application that is affected by an
information disclosure vulnerability.
Description :
The remote server is running Web Wiz Site News or Compulsive Media CNU5,
a set of ASP scripts to manage a news web site.
This release comes with a 'news.mdb' database which contains sensitive
information, such as the unencrypted news site administrator password
and URLs to several news stories. A possible hacker may use this flaw to
gain unauthorized access to the affected application.
See also :
http://archives.neohapsis.com/archives/bugtraq/2003-04/0188.html
Solution :
Prevent the download of .mdb files from your website.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|