I recently updated my plugin list.
Plugin ID:10610 had detected 471 instances of this particular exploit.
None of the systems I have checked, even have this cgi-bin software
installed.
I believe their is something wrong with this plugin check.
script_id(10610);
script_version ("$Revision: 1.11 $");
script_cve_id("CAN-2001-0214");
script_bugtraq_id(2370);
name["english"] = "way-board";
script_name(english:name["english"], francais:name["francais"]);
desc["english"] = "The 'way-board' CGI is installed. This CGI has
a well known security flaw that lets an attacker read arbitrary
files with the privileges of the http daemon (usually root or nobody
).
I did a scan of a similar system that does not have way-point installed
and it still believed it was installed.
The logs on the scanned webserver show that it returned a 404 on all
attempted access for that file. So it should not show that way-point is
installed.
_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
