Summary
The executables 'redirect.exe' and/or 'changepw.exe' exist on this webserver. Some versions of these files are vulnerable to remote exploit.
An attacker can use this hole to gain access to confidential data or escalate their privileges on the web server.
*** As OVS solely relied on the existence of the redirect.exe or changepw.exe files, *** this might be a false positive
Solution
remove them from cgi-bin or scripts folder.
Severity
Classification
-
CVE CVE-2000-0401 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apple Safari PDF Javascript Security Bypass Bypass Vulnerability
- AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
- Ad Manager Pro Multiple SQL Injection And XSS Vulnerabilities
- AdaptBB Multiple Input Validation Vulnerabilities
- AlienVault OSSIM 'date_from' Parameter Multiple SQL Injection Vulnerabilities