Summary
The remote server is using the Power Up CGI.
This CGI exposes critical system information, and allows remote attackers to read any world readable file.
Solution
Disable access to the CGI until the author releases a patch.
Additional information:
http://www.securiteam.com/unixfocus/5PP062K5FO.html
Severity
Classification
-
CVE CVE-2001-1138 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Tomcat AJP Protocol Security Bypass Vulnerability
- appRain CMF SQL Injection And Cross Site Scripting Vulnerabilities
- Apple Safari PDF Javascript Security Bypass Bypass Vulnerability
- AstroSPACES profile.php SQL Injection Vulnerability
- AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability