Nessus Plugin #10748
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
Mediahouse Statistics Web Server Detect
- Family:
- General
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2001 SecuriTeam
- Summary:
- Mediahouse Statistics Web Server Detection
- Version:
- $Revision: 1.11 $
- Cve_id:
- CVE-2000-0776
- Bugtraq_id:
- 1568
- Xrefs:
- -
- Description:
- We detected the remote web server as a
Mediahouse Statistics web server. This web server suffers from a security
vulnerability that enables attackers to gain sensitive information on the
current logged events on the public web server (the server being monitored
by MediaHouse).
This information includes: who is on (currently surfing users), the user's
actions, customer's IP addresses, referrer URLs, hidden directories, web
server usernames and passwords, and more.
Some versions of the product also suffer from a flaw that allows attackers
to overflow an internal buffer causing it to execute arbitrary code.
Solution: Block the web server's port number on your Firewall, and
upgrade to the latest version if necessary.
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.