|
|
Family: CGI abuses --> Category: infos
idq.dll directory traversal Vulnerability Scan
Vulnerability Scan Summary
Attempts to read an arbitrary file
Detailed Explanation for this Vulnerability Test
There is a vulnerability in idq.dll which allows any remote
user to read any file on the target system by doing the request :
GET http://target/query.idq?CiTemplate=../../../somefile.ext
Solution : Microsoft's webhits.dll addresses some of this
issue. It is available at :
http://www.microsoft.com/downloads/release/asp?ReleaseID=17727
Threat Level: High
Bugtraq ID : 968
Click HERE for more information and discussions on this network vulnerability scan.
|
