Nessus Plugin #10416
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
Sambar /sysadmin directory 2
- Family:
- CGI abuses
- Category:
- attack
- Copyright:
- This script is Copyright (C) 2000 Hendrik Scholz
- Summary:
- Sambar webserver installed ?
- Version:
- $Revision: 1.16 $
- Cve_id:
- -
- Bugtraq_id:
- 2255
- Xrefs:
- -
- Description:
- The Sambar webserver is running.
It provides a web interface for configuration purposes.
The admin user has no password and there are some other default users without
passwords.
Everyone could set the HTTP-Root to c:\ and delete your files!
*** this may be a false positive - go to http://the_server/sysadmin/ and
have a look at it by yourself
Solution : Change the passwords via the webinterface or use a real webserver
like Apache.
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.