Summary
The msmmask.exe CGI is installed.
Some versions allow an attacker to read the source of any file in your webserver's directories by using the 'mask' parameter.
Solution
Upgrade your MondoSearch to version 4.4.5156 or later.
Severity
Classification
-
CVE CVE-2002-1528 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Adobe ColdFusion Unspecified Information Disclosure Vulnerability
- Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
- Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
- @Mail 'admin.php' Cross-Site Scripting Vulnerabilities
- Apache Subversion Module Metadata Accessible