|
Family: CGI abuses --> Category: infos
ZixForum Database Disclosure Vulnerability Scan
Vulnerability Scan Summary Checks for ZixForum.mdb
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains an ASP application that allows for
information disclosure.
Description :
The remote server is running ZixForum, a set of .asp scripts to for a
web-based forum.
This program uses a database named 'ZixForum.mdb' that can be downloaded
by any client. This database contains the whole discussions, the
account information and so on.
Solution :
Prevent the download of .mdb files from the remote website.
Threat Level:
Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)
Click HERE for more information and discussions on this network vulnerability scan.
|