Summary
The remote host seems to be running ViewCVS, an open source CGI written in python designed to access CVS directories using a web interface.
The remote version of this software is vulnerable to many cross-site scripting flaws though the script 'viewcvs'.
Using a specially crafted URL, an attacker can cause arbitrary code execution for third party users, thus resulting in a loss of integrity of their system.
Solution
Update to the latest version of this software
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2002-0771 -
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N
Related Vulnerabilities
- 2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
- Adobe ColdFusion Unspecified Information Disclosure Vulnerability
- 7Media Web Solutions EduTrac Directory Traversal Vulnerability
- Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
- Apache Tomcat SecurityConstraints Security Bypass Vulnerability