Nessus Plugin #10739
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
Novell Web Server NDS Tree Browsing
- Family:
- CGI abuses
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2001 SecuriTeam
- Summary:
- Novell Web Server NDS Tree Browsing
- Version:
- $Revision: 1.15 $
- Cve_id:
- CAN-1999-1020
- Bugtraq_id:
- 484
- Xrefs:
- -
- Description:
- The Novell Web Server default ndsobj.nlm CGI (LCGI) was
detected. This CGI allows browsing of the NDS Tree without any need for
authentication.
Gaining access to the NDS Tree reveals sensitive information to an attacker.
Solution: Configure your Novell Web Server to block access to this CGI,
or delete it if you do not use it.
For More Information: http://www.securiteam.com/securitynews/5XP0L1555W.html
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.