|
Family: Web Servers --> Category: attack
Zope Invalid Query Path Disclosure Vulnerability Scan
Vulnerability Scan Summary Checks for Zope Examples directory
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains an application server that is prone to
information disclosure.
Description :
The remote Zope web server may be forced into disclosing its physical
path when it receives bad arguments for several example CGIs included
in the installation.
See also :
http://exploitlabs.com/files/advisories/EXPL-A-2003-009-zope.txt
Solution :
Delete the directory '/Examples'.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|