[AWS] Nessus resports security hole in aws?
Preben Randhol
randhol@pvv.org
Wed, 15 Oct 2003 14:17:38 +0200
Preben Randhol <randhol@pvv.org> wrote on 15/10/2003 (14:11) :
> Preben Randhol <randhol@pvv.org> wrote on 15/10/2003 (14:07) :
> > Hi
> >
> > I was running the hello_world demo of aws on my machine while checking
> > it with nessus. I got this feedback:
>
> Forgot. Nessus => http://www.nessus.org/
tried the text_input and now I get a bunch of serious security alerts:
Problem is that I don't understand where these .cgi etc.. files are.
They are not on my system. Is the problem that aws doesn't give a 404
when one write http://localhost:8080/somelink.html and then nessus
thinks this file is installed?
Thanks in advance.
Preben
. Vulnerability found on port unknown (8080/tcp) :
The CGI 'viralator.cgi' is installed.
Some versions of this CGI are don't check properly the user
input and allow anyone to execute arbitrary commands with
the privileges of the web server
** No flaw was tested. Your script might be a safe version.
Solutions : Upgrade this script to version 0.9pre2 or newer
Risk factor : Serious
CVE : CAN-2001-0849
. Vulnerability found on port unknown (8080/tcp) :
The 'nph-publish.cgi' is installed. This CGI has
a well known security flaw that lets an attacker to execute arbitrary
commands with the privileges of the http daemon (usually root or nobody).
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CVE-1999-1177
. Vulnerability found on port unknown (8080/tcp) :
It is possible to read
any file on the remote system by prepending
several dots before the file name.
Example :
GET ........../config.sys
Solution : Disable this service and install
a real Web Server.
Risk factor : High
CVE : CVE-1999-0386
. Vulnerability found on port unknown (8080/tcp) :
ServletExec has a servlet called 'UploadServlet' in its server
side classes. UploadServlet, when invokable, allows an
attacker to upload any file to any directory on the server. The
uploaded file may have code that can later be executed on the
server, leading to remote command execution.
Solution : Remove it
Risk factor : Serious
CVE : CVE-2000-1024
BID : 1876
. Vulnerability found on port unknown (8080/tcp) :
The CGI 'build.cgi' is installed. This CGI has
a well known security flaw that lets an attacker obtain
the password of the remote AdCycle database or delete
databases.
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CAN-2000-1161
BID : 1969
. Vulnerability found on port unknown (8080/tcp) :
The 'Count.cgi' cgi is installed. This CGI has
a well known security flaw that lets anyone execute arbitrary
commands with the privileges of the http daemon (root or nobody).
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CVE-1999-0021
BID : 128
. Vulnerability found on port unknown (8080/tcp) :
The 'upload.cgi' cgi is installed. This CGI has
a well known security flaw that lets anyone upload arbitrary
files on the remote web server.
Solution : remove it from /cgi-bin.
Risk factor : Serious
. Vulnerability found on port unknown (8080/tcp) :
IIS comes with the sample site 'ExAir'. Unfortunately, one of its pages,
namely /iissamples/exair/search/query.asp, may be used to make IIS hang,
thus preventing it from answering legitimate client requests.
Solution : Delete the 'ExAir' sample IIS site.
Risk factor : Medium
CVE : CVE-1999-0449
BID : 193
. Vulnerability found on port unknown (8080/tcp) :
We detected a vulnerable version of the DCShop CGI.
This version does not properly protect user and credit card information.
It is possible to access files that contain administrative passwords,
current and pending transactions and credit card information (along with
name,
address, etc).
The following files are affected:
DCShop orders file: /cgi-bin/dcshop/Orders/orders.txt
DCShop orders file: /cgi-bin/dcshop/orders/orders.txt
DCShop authentication file: /cgi-bin/dcshop/Auth_data/auth_user_file.txt
DCShop authentication file: /cgi-bin/dcshop/auth_data/auth_user_file.txt
Solution:
1. Rename following directories to something hard to guess:
- Data
- User_carts
- Orders
- Auth_data
2. Make these changes to dcshop.setup and dcshop_admin.setup.
- In dcshop.setup, modify:
$datadir = '$cgidir/Data'
$cart_dir = '$cgidir/User_carts'
$order_dir = '$cgidir/Orders'
- In dcshop_admin.setup, modify:
$password_file_dir = '$path/Auth_data'
3. Rename dcshop.setup and dcshop_admin.setup to something difficult to
guess.
For example, dcshop_4314312.setup and dcshop_admin_3124214.setup
4. Edit dcshop.cgi, dcshop_admin.cgi, and dcshop_checkout.cgi and modify the
require statement for dcshop.setup and dcshop_admin.setup. That is:
- In dcshop.cgi, modify
require '$path/dcshop.setup'
so that it uses new setup file. For example,
require '$path/dcshop_4314312.setup'
- In dcshop_admin.cgi, modify
require '$path/dcshop.setup'
require '$path/dcshop_admin.setup'
so that it uses new setup file. For example,
require '$path/dcshop_4314312.setup'
require '$path/dcshop_admin_3124214.setup'
- In dcshop_checkout.cgi, modify
require '$path/dcshop.setup'
so that it uses new setup file. For example,
require '$path/dcshop_4314312.setup'
5. Save following file as index.html and upload it to your
/cgi-bin/dcshop directory, thereby hiding directory listing. On
NT servers, you may have to rename this file to default.htm.
http://www.dcscripts.com/FAQ/
This page show 'Internal Server Error' so it is not an error page...
it's just an index.html file to HIDE directories.
6. Replace your current files with above files
Risk factor : High
Additional information:
http://www.securiteam.com/unixfocus/5RP0N2K4KE.html
CVE : CAN-2001-0821
BID : 2889
. Vulnerability found on port unknown (8080/tcp) :
basilix.php3 is installed on this web server. Some versions
of this webmail software allow the users to read any file on
the system with the permission of the webmail software, and
execute any PHP.
Solution : Update Basilix or remove DUMMY from lang.inc
Risk factor : Low
CVE : CAN-2001-1045
BID : 2995
. Vulnerability found on port unknown (8080/tcp) :
The 'Perl' CGI is installed and can be launched
as a CGI. This is equivalent to giving a free shell to an attacker, with the
http server privileges (usually root or nobody).
Solution : remove it from /cgi-bin
Risk factor : Serious
CVE : CAN-1999-0509
. Vulnerability found on port unknown (8080/tcp) :
Cross site scripting, buffer overflow and remote command
execution on QuickTime/Darwin Streaming Administration
Server.
This is due to parsing problems with per script:
parse_xml.cgi.
The worst of these vulnerabilities allows for remote
command execution usually as root or administrator.
These servers are installed by default on port 1220.
See:
http://www.atstake.com/research/advisories/2003/a022403-1.txt
Solution: Obtain a patch or new software from Apple or
block this port (TCP 1220) from internet access.
*** Nessus reports this vulnerability using only
*** information that was gathered. Only the existance
*** of the potentially vulnerable cgi script was tested.
Risk factor : High
CVE : CAN-2003-0050, CAN-2003-0051, CAN-2003-0052, CAN-2003-0053,
CAN-2003-0054, CAN-2003-0055
BID : 6954, 6955, 6956, 6957, 6958, 6960, 6990
. Vulnerability found on port unknown (8080/tcp) :
The 'campas' cgi is installed. This CGI has
a well known security flaw that lets anyone execute arbitrary
commands with the privileges of the http daemon (root or nobody).
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CVE-1999-0146
BID : 1975
. Vulnerability found on port unknown (8080/tcp) :
RedHat Linux 6.0 installs by default a squid cache manager cgi script with
no restricted access permissions. This script could be used to perform a
port scan from the cgi-host machine.
Solution :
If you are not using the box as a Squid www proxy/cache server then
uninstall the package by executing:
/etc/rc.d/init.d/squid stop ; rpm -e squid
If you want to continue using the Squid proxy server software, make the
following actions to tighten security access to the manager interface:
mkdir /home/httpd/protected-cgi-bin
mv /home/httpd/cgi-bin/cachemgr.cgi /home/httpd/protected-cgi-bin/
And add the following directives to /etc/httpd/conf/access.conf and
srm.conf:
--- start access.conf segment ---
# Protected cgi-bin directory for programs that
# should not have public access
order deny,allow
deny from all
allow from localhost
#allow from .your_domain.com
AllowOverride None
Options ExecCGI
--- end access.conf segment ---
--- start srm.conf segment ---
ScriptAlias /protected-cgi-bin/ /home/httpd/protected-cgi-bin/
--- end srm.conf segment ---
Risk factor : High
CVE : CVE-1999-0710
BID : 2059
. Vulnerability found on port unknown (8080/tcp) :
The 'websendmail' CGI is installed. This CGI has
a well known security flaw that lets an attacker execute arbitrary
commands with the privileges of the http daemon (usually root or nobody).
Solution : Remove it from /cgi-bin.
Risk factor : Serious
CVE : CVE-1999-0196
BID : 2077
. Vulnerability found on port unknown (8080/tcp) :
The 'guestbook.pl' is installed. This CGI has
a well known security flaw that lets anyone execute arbitrary
commands with the privileges of the http daemon (root or nobody).
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CAN-1999-1053
BID : 776
. Vulnerability found on port unknown (8080/tcp) :
The 'ping.asp' CGI is installed. Some versions
allows a cracker to launch a ping flood against your
machine or another by entering
'127.0.0.1 -l 65000 -t' in the Address field.
Solution : remove it.
Reference : http://online.securityfocus.com/archive/82/275088
Risk factor : Serious
. Vulnerability found on port unknown (8080/tcp) :
BizDB is a web database integration product
using Perl CGI scripts. One of the scripts,
bizdb-search.cgi, passes a variable's
contents to an unchecked open() call and
can therefore be made to execute commands
at the privilege level of the webserver.
The variable is dbname, and if passed a
semicolon followed by shell commands they
will be executed. This cannot be exploited
from a browser, as the software checks for
a referrer field in the HTTP request. A
valid referrer field can however be created
and sent programmatically or via a network
utility like netcat.
see also : http://www.hack.co.za/daem0n/cgi/cgi/bizdb.htm
Risk factor : Serious
CVE : CVE-2000-0287
BID : 1104
. Vulnerability found on port unknown (8080/tcp) :
The 'get32.exe' CGI script is installed on this
machine. This CGI has a well known security flaw that allows an
attacker to execute arbitrary commands on the remote system with
the privileges of the HTTP daemon (typically root or nobody).
Solution : Remove the 'get32.exe' script from your web server's
CGI directory (usually cgi-bin/)..
Risk factor : Serious
CVE : CAN-1999-0885
BID : 770
. Vulnerability found on port unknown (8080/tcp) :
The CSNews.cgi exists on this webserver. Some versions of this file
are vulnerable to remote exploit.
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CVE-2002-0923
BID : 4994
. Vulnerability found on port unknown (8080/tcp) :
It is possible to fill the hard disk of a server
running OmniHTTPd by issuing the request :
http://omni.server/cgi-bin/visadmin.exe?user=guest
This allows an attacker to crash your web server.
This script checks for the presence of the faulty CGI, but
does not execute it.
Solution : remove visadmin.exe from /cgi-bin.
Risk factor : Medium/High
CVE : CAN-1999-0970
BID : 1808
. Vulnerability found on port unknown (8080/tcp) :
IIS comes with the sample site 'ExAir'. Unfortunately,
one of its pages, namely /iissamples/exair/search/advsearch.asp, may
be used to make IIS hang, thus preventing it from answering legitimate
client requests.
Solution : Delete the 'ExAir' sample IIS site.
Risk factor : Medium/High
CVE : CVE-1999-0449
BID : 193
. Vulnerability found on port unknown (8080/tcp) :
The Cart32 e-commerce shopping cart is installed.
This software contains several security flaws :
- it may contain a backdoor
- users may be able to change the admin password remotely
You should use something else.
See also : http://www.cerberus-infosec.co.uk/advcart32.html
Solution : use another shopping cart software
Risk factor : High
CVE : CAN-2000-0429
BID : 1153
. Vulnerability found on port unknown (8080/tcp) :
At least one of these file or directories is
world readable :
/webcart/orders/
/webcart/orders/import.txt
/webcart/carts/
/webcart/config/
/webcart/config/clients.txt
/webcart-lite/orders/import.txt
/webcart-lite/config/clients.txt
This misconfiguration may allow an attacker to gather
the credit card numbers of your clients.
Solution : Do not make directories world readable.
Risk factor : High
CVE : CAN-1999-0610
BID : 2281
. Vulnerability found on port unknown (8080/tcp) :
The CGI 'args.bat' (and/or 'args.cmd') is installed. This CGI has
a well known security flaw that lets an attacker upload
arbitrary files on the remote web server.
Solution : remove it from /cgi-dos.
Risk factor : Medium
CVE : CAN-1999-1180
. Vulnerability found on port unknown (8080/tcp) :
The VsSetCookie.exe exists on this webserver.
Some versions of this file are vulnerable to remote exploit.
Solution : remove it from /cgi-bin.
To manually test the server, you can try:
http://<serverip>/cgi-bin/VsSetCookie.exe?vsuser=<user_name>
With a correctly guessed User Name, you will gain full access to the CGI.
*** As Nessus solely relied on the banner of the remote host
*** this might be a false positive
Risk factor : Serious
CVE : CAN-2002-0236
BID : 3784
. Vulnerability found on port unknown (8080/tcp) :
The ndcgi.exe exists on this webserver.
Some versions of this file are vulnerable to remote exploit.
Solution : remove it from /cgi-bin.
More info can be found at:
http://marc.theaimsgroup.com/?l=bugtraq&m=100681274915525&w=2
*** As Nessus solely relied on the existence of the ndcgi.exe file,
*** this might be a false positive
Risk factor : Serious
CVE : CAN-2001-0922
. Vulnerability found on port unknown (8080/tcp) :
It is possible to read the include file of PCCS-Mysql,
dbconnect.inc on the remote server.
This include file contains information such as the
username and password used to connect to the database.
Solution:
Versions 1.2.5 and later are not vulnerable to this issue.
A workaround is to restrict access to the .inc file.
Risk factor : High
CVE : CVE-2000-0707
BID : 1557
. Vulnerability found on port unknown (8080/tcp) :
The 'guestbook.cgi' is installed. This CGI has
a well known security flaw that lets anyone execute arbitrary
commands with the privileges of the http daemon (root or nobody).
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CVE-1999-0237
BID : 776
. Vulnerability found on port unknown (8080/tcp) :
The script /cart/cart.cgi is present.
If this shopping cart system is the Dansie
Shopping Cart, and if it is older than version 3.0.8
then it is very likely that it contains a backdoor
which allows anyone to execute arbitrary commands on this system.
Solution : use another cart system
Risk factor : High
CVE : CVE-2000-0252
BID : 1115
. Vulnerability found on port unknown (8080/tcp) :
The CGI 'ad.cgi' is installed. This CGI has
a well known security flaw that lets an attacker execute
arbitrary commands with the privileges of the http daemon
(usually root or nobody).
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CAN-2001-0025
BID : 2103
. Vulnerability found on port unknown (8080/tcp) :
Trend Micro OfficeScan Corporate Edition (Japanese version: Virus
Buster Corporate Edition) web-based management console let anybody
access /officescan/hotdownload without authentication.
Reading the configuration file /officescan/hotdownload/ofcscan.ini
will reveal information on your system. More, it contains passwords
that are encrypted by a weak specific algorithm; so they might be
decrypted
Solution : upgrade OfficeScan
Risk factor : Low
BID : 3438
. Vulnerability found on port unknown (8080/tcp) :
The file /wwwboard/passwd.txt exists.
This file is installed by default with Matt's Script wwwboard
software. This can be a high risk vulnerability if the
password used is the same for other services. An attacker
can easily take over the board by cracking the passwd.
Solution : Configure the wwwadmin.pl script to put
the passwd.txt file somewhere else.
Risk factor : High
CVE : CVE-1999-0953
BID : 649
. Vulnerability found on port unknown (8080/tcp) :
/cgi-bin/.cobalt/overflow/overflow.cgi was detected.
Some versions of this CGI allow remote users to execute arbitrary commands
with the privileges of the web server.
*** Nessus just checked the presence of this file
*** but did not try to exploit the flaw, so this might
*** be a false positive
See: http://www.cert.org/advisories/CA-2002-35.html
Solution : get a newer software from Cobalt
Risk factor : High
. Vulnerability found on port unknown (8080/tcp) :
The 'glimpse' cgi is installed. This CGI has
a well known security flaw that lets anyone execute arbitrary
commands with the privileges of the http daemon (root or nobody).
Note that we could not actually check for the presence
of this vulnerability, so you may be using a patched
version.
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CVE-1999-0147
BID : 2026
. Vulnerability found on port unknown (8080/tcp) :
The CGI 'textcounter' is installed. This CGI has
a well known security flaw that lets an attacker execute
arbitrary commands with the privileges of the http daemon
(usually root or nobody).
Solution : remove it from /cgi-bin.
Risk factor : Serious
BID : 2265
. Vulnerability found on port unknown (8080/tcp) :
The Webnews.exe exists on this webserver.
Some versions of this file are vulnerable to remote exploit.
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CVE-2002-0290
BID : 4124
. Vulnerability found on port unknown (8080/tcp) :
The Cobalt 'siteUserMod' CGI is installed.
Older versions of this CGI allow any user to change the
administrator password.
Make sure you are running the latest version.
Solution :
RaQ 1 Users, download :
ftp://ftp.cobaltnet.com/
pub/experimental/security/siteUserMod/RaQ1-Security-3.6.pkg
RaQ 2 Users, download :
ftp://ftp.cobaltnet.com/
pub/experimental/security/siteUserMod/RaQ2-Security-2.94.pkg
RaQ 3 Users, download :
ftp://ftp.cobaltnet.com/
pub/experimental/security/siteUserMod/RaQ3-Security-2.2.pkg
Risk factor : High
CVE : CVE-2000-0117
BID : 951
. Vulnerability found on port unknown (8080/tcp) :
The 'windmail.exe' CGI is installed.
Some versions of this CGI script have a security flaw that lets
an attacker execute arbitrary commands on the remote server.
To test this, make the following request :
GET /cgi-bin/windmail.exe?-n%20c:\boot.ini%20you@youraddress.com
(replace you@youraddress.com by your real email address).
If you receive the content of the file boot.ini,
then your server is vulnerable.
Solution : remove it from /cgi-bin. See www.geocel.com
for a new version.
Risk factor : Serious
CVE : CAN-2000-0242
BID : 1073
. Vulnerability found on port unknown (8080/tcp) :
The CGI /scripts/tools/newdsn.exe is present.
This CGI allows any attacker to create files
anywhere on your system if your NTFS permissions
are not tight enough, and can be used to overwrite
DSNs of existing databases.
Solution : Remove newdsn.exe
Risk factor : High
CVE : CVE-1999-0191
BID : 1818
. Vulnerability found on port unknown (8080/tcp) :
The file /ncl_items.html or /ncl_subjects.html exist on the remote system.
It is very likely that this file will allow an attacker
to reconfigure your Tektronix printer.
An attacker can use this to prevent the users of your
network from working properly by preventing them
from printing their files.
Solution : Filter incoming traffic to port 80 to this
device, or disable the Phaserlink webserver on the
printer (can be done by requesting
http://printername/ncl_items?SUBJECT=2097)
Risk factor : Low
CVE : CAN-1999-1508
BID : 806
. Vulnerability found on port unknown (8080/tcp) :
The 'jj' CGI is installed. This CGI has
a well known security flaw that lets an attacker execute arbitrary
commands with the privileges of the http daemon (usually root or nobody).
Solution : Remove it from /cgi-bin.
Risk factor : Serious
CVE : CVE-1999-0260
BID : 2002
. Vulnerability found on port unknown (8080/tcp) :
The 'wrap' CGI is installed. This CGI allows
anyone to get a listing for any directory with mode +755.
*** Note that all implementations of 'wrap' are not
*** vulnerable. See the relevant CVE entry.
Solution : remove it from /cgi-bin.
Risk factor : Low/Medium
CVE : CVE-1999-0149
BID : 373
. Vulnerability found on port unknown (8080/tcp) :
The 'plusmail' CGI is installed. Some
versions of this CGI have a well known security flaw that
lets an attacker read arbitrary
file with the privileges of the http daemon
(usually root or nobody).
Solution : remove it from /cgi-bin. No patch yet
Risk factor : Serious
CVE : CAN-2000-0074
BID : 2653
. Vulnerability found on port unknown (8080/tcp) :
The CGI 'AnyForm2' is installed.
Old versions of this CGI have a well known security flaw that lets
anyone execute arbitrary commands with the privileges of the http daemon
(root or nobody).
Solution : remove it.
Risk factor : Serious
CVE : CVE-1999-0066
BID : 719
. Vulnerability found on port unknown (8080/tcp) :
IIS comes with the sample site 'ExAir'.
Unfortunately, one of its pages,
namely /iissamples/exair/search/search.asp,
may be used to make IIS hang, thus preventing
it from answering legitimate client requests.
Solution : Delete the 'ExAir' sample IIS site.
Risk factor : Medium
CVE : CVE-1999-0449
BID : 193
. Vulnerability found on port unknown (8080/tcp) :
It may be possible for an attacker to reconfigure the
remote web server by requesting :
GET /scripts/wsisa.dll/WService=anything?WSMadmin
Solution : Edit the ubroker.properties file and change
AllowMsngrCmds = 1
to :
AllowMsngrCmds = 0
Risk factor : High
CVE : CVE-2000-0127
BID : 969
. Vulnerability found on port unknown (8080/tcp) :
'cgiwrap' is installed. This CGI has
a well known security flaw that lets anyone execute arbitrary
commands with the privileges of the http daemon (root or nobody).
*** Note that all versions of cgiwrap are not affected
*** by this problem ! Consult your vendor.
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CVE-1999-1530, CVE-2000-0431
BID : 777, 1238
. Vulnerability found on port unknown (8080/tcp) :
The 'webgais' CGI is installed. This CGI has
a well known security flaw that lets an attacker execute arbitrary
commands with the privileges of the http daemon (usually root or nobody).
Solution : remove it from /cgi-bin
Risk factor : Serious
CVE : CVE-1999-0176
BID : 2058
. Vulnerability found on port unknown (8080/tcp) :
alya.cgi is a cgi backdoor distributed with
multiple rootkits.
Risk factor : Serious
. Vulnerability found on port unknown (8080/tcp) :
The remote web server has one of these shells installed
in /cgi-bin :
ash, bash, csh, ksh, sh, tcsh, zsh
Leaving executable shells in the cgi-bin directory of
a web server may allow an attacker to execute arbitrary
commands on the target machine with the privileges of the
http daemon (usually root or nobody).
Solution : Remove all the shells from /cgi-bin.
Risk factor : Serious
CVE : CAN-1999-0509
. Vulnerability found on port unknown (8080/tcp) :
The CGI 'CgiMail.exe' exists on this webserver.
Some versions of this file are vulnerable to remote exploit.
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CVE-2000-0726
BID : 1623
. Vulnerability found on port unknown (8080/tcp) :
The Excite for Webservers is installed. This CGI has
a well known security flaw that lets anyone execute arbitrary
commands with the privileges of the http daemon (root or nobody).
Versions newer than 1.1. are patched.
Solution : if you are running version 1.1 or older, then
upgrade it.
Risk factor : Serious
CVE : CVE-1999-0279
BID : 2248
. Vulnerability found on port unknown (8080/tcp) :
The 'uploader.exe' CGI is installed. This CGI has
a well known security flaw that lets anyone upload arbitrary
CGI on the server, and then execute them.
Solution : remove it from /cgi-win.
Risk factor : Serious
CVE : CVE-1999-0177
. Vulnerability found on port unknown (8080/tcp) :
The 'bboard' servlet is installed in
/servlet/sunexamples.BBoardServlet. This servlet has
a well known security flaw that lets anyone execute arbitrary
commands with the privileges of the http daemon (root or nobody).
Solution : remove it.
Risk factor : Serious
CVE : CAN-2000-0629
BID : 1459
. Vulnerability found on port unknown (8080/tcp) :
It is possible to retrieve the password of the remote guestbook application
by requesting the file 'passwd.txt' in files/
Solution : Delete the guestbook CGI
Risk factor : Low
BID : 7167
. Vulnerability found on port unknown (8080/tcp) :
The following dangerous CGI scripts were found
You should manually check each script and associated CVE ID at cve.mitre.org
AT-admin.cgi http://127.0.0.1/AT-admin.cgi CAN-1999-1072
AT-admin.cgi http://127.0.0.1/cgi-bin/AT-admin.cgi CAN-1999-1072
CSMailto.cgi http://127.0.0.1/CSMailto.cgi CAN-2002-0749
CSMailto.cgi http://127.0.0.1/cgi-bin/CSMailto.cgi CAN-2002-0749
UltraBoard.cgi http://127.0.0.1/UltraBoard.cgi CAN-2001-0135
UltraBoard.cgi http://127.0.0.1/cgi-bin/UltraBoard.cgi CAN-2001-0135
UltraBoard.pl http://127.0.0.1/UltraBoard.pl CAN-2001-0135
UltraBoard.pl http://127.0.0.1/cgi-bin/UltraBoard.pl CAN-2001-0135
YaBB.cgi http://127.0.0.1/YaBB.cgi CAN-2002-0955
YaBB.cgi http://127.0.0.1/cgi-bin/YaBB.cgi CAN-2002-0955
a1disp4.cgi http://127.0.0.1/a1disp4.cgi CAN-2001-0562
a1disp4.cgi http://127.0.0.1/cgi-bin/a1disp4.cgi CAN-2001-0562
alert.cgi http://127.0.0.1/alert.cgi CAN-2002-0346
alert.cgi http://127.0.0.1/cgi-bin/alert.cgi CAN-2002-0346
authenticate.cgi http://127.0.0.1/authenticate.cgi CVE-2000-0923
authenticate.cgi http://127.0.0.1/cgi-bin/authenticate.cgi CVE-2000-0923
bbs_forum.cgi http://127.0.0.1/bbs_forum.cgi CVE-2001-0123
bbs_forum.cgi http://127.0.0.1/cgi-bin/bbs_forum.cgi CVE-2001-0123
bnbform.cgi http://127.0.0.1/bnbform.cgi CVE-1999-0937
bnbform.cgi http://127.0.0.1/cgi-bin/bnbform.cgi CVE-1999-0937
bsguest.cgi http://127.0.0.1/bsguest.cgi CVE-2001-0099
bsguest.cgi http://127.0.0.1/cgi-bin/bsguest.cgi CVE-2001-0099
bslist.cgi http://127.0.0.1/bslist.cgi CVE-2001-0100
bslist.cgi http://127.0.0.1/cgi-bin/bslist.cgi CVE-2001-0100
catgy.cgi http://127.0.0.1/catgy.cgi CAN-2001-1212
catgy.cgi http://127.0.0.1/cgi-bin/catgy.cgi CAN-2001-1212
cgforum.cgi http://127.0.0.1/cgforum.cgi CVE-2000-1132
cgforum.cgi http://127.0.0.1/cgi-bin/cgforum.cgi CVE-2000-1132
classifieds.cgi http://127.0.0.1/classifieds.cgi CVE-1999-0934
classifieds.cgi http://127.0.0.1/cgi-bin/classifieds.cgi CVE-1999-0934
csPassword.cgi http://127.0.0.1/csPassword.cgi CAN-2002-0917
csPassword.cgi http://127.0.0.1/cgi-bin/csPassword.cgi CAN-2002-0917
cvsview2.cgi http://127.0.0.1/cvsview2.cgi CAN-2003-0153
cvsview2.cgi http://127.0.0.1/cgi-bin/cvsview2.cgi CAN-2003-0153
cvslog.cgi http://127.0.0.1/cvslog.cgi CAN-2003-0153
cvslog.cgi http://127.0.0.1/cgi-bin/cvslog.cgi CAN-2003-0153
multidiff.cgi http://127.0.0.1/multidiff.cgi CAN-2003-0153
multidiff.cgi http://127.0.0.1/cgi-bin/multidiff.cgi CAN-2003-0153
dnewsweb.cgi http://127.0.0.1/dnewsweb.cgi CAN-2000-0423
dnewsweb.cgi http://127.0.0.1/cgi-bin/dnewsweb.cgi CAN-2000-0423
download.cgi http://127.0.0.1/download.cgi CAN-1999-1377
download.cgi http://127.0.0.1/cgi-bin/download.cgi CAN-1999-1377
edit_action.cgi http://127.0.0.1/edit_action.cgi CAN-2001-1196
edit_action.cgi http://127.0.0.1/cgi-bin/edit_action.cgi CAN-2001-1196
emumail.cgi http://127.0.0.1/emumail.cgi CAN-2002-1526
emumail.cgi http://127.0.0.1/cgi-bin/emumail.cgi CAN-2002-1526
everythingform.cgi http://127.0.0.1/everythingform.cgi CAN-2001-0023
everythingform.cgi http://127.0.0.1/cgi-bin/everythingform.cgi
CAN-2001-0023
ezadmin.cgi http://127.0.0.1/ezadmin.cgi CAN-2002-0263
ezadmin.cgi http://127.0.0.1/cgi-bin/ezadmin.cgi CAN-2002-0263
ezboard.cgi http://127.0.0.1/ezboard.cgi CAN-2002-0263
ezboard.cgi http://127.0.0.1/cgi-bin/ezboard.cgi CAN-2002-0263
ezman.cgi http://127.0.0.1/ezman.cgi CAN-2002-0263
ezman.cgi http://127.0.0.1/cgi-bin/ezman.cgi CAN-2002-0263
ezadmin.cgi http://127.0.0.1/ezadmin.cgi CAN-2002-0263
ezadmin.cgi http://127.0.0.1/cgi-bin/ezadmin.cgi CAN-2002-0263
FileSeek.cgi http://127.0.0.1/FileSeek.cgi CAN-2002-0611
FileSeek.cgi http://127.0.0.1/cgi-bin/FileSeek.cgi CAN-2002-0611
fom.cgi http://127.0.0.1/fom.cgi CAN-2002-0230
fom.cgi http://127.0.0.1/cgi-bin/fom.cgi CAN-2002-0230
gbook.cgi http://127.0.0.1/gbook.cgi CVE-2000-1131
gbook.cgi http://127.0.0.1/cgi-bin/gbook.cgi CVE-2000-1131
getdoc.cgi http://127.0.0.1/getdoc.cgi CAN-2000-0288
getdoc.cgi http://127.0.0.1/cgi-bin/getdoc.cgi CAN-2000-0288
global.cgi http://127.0.0.1/global.cgi CVE-2000-0952
global.cgi http://127.0.0.1/cgi-bin/global.cgi CVE-2000-0952
guestserver.cgi http://127.0.0.1/guestserver.cgi CAN-2001-0180
guestserver.cgi http://127.0.0.1/cgi-bin/guestserver.cgi CAN-2001-0180
imageFolio.cgi http://127.0.0.1/imageFolio.cgi CAN-2002-1334
imageFolio.cgi http://127.0.0.1/cgi-bin/imageFolio.cgi CAN-2002-1334
lastlines.cgi http://127.0.0.1/lastlines.cgi CAN-2001-1205
lastlines.cgi http://127.0.0.1/cgi-bin/lastlines.cgi CAN-2001-1205
mailfile.cgi http://127.0.0.1/mailfile.cgi CVE-2000-0977
mailfile.cgi http://127.0.0.1/cgi-bin/mailfile.cgi CVE-2000-0977
mailview.cgi http://127.0.0.1/mailview.cgi CAN-2000-0526
mailview.cgi http://127.0.0.1/cgi-bin/mailview.cgi CAN-2000-0526
sendmessage.cgi http://127.0.0.1/sendmessage.cgi CVE-2001-1100
sendmessage.cgi http://127.0.0.1/cgi-bin/sendmessage.cgi CVE-2001-1100
nsManager.cgi http://127.0.0.1/nsManager.cgi CAN-2000-1023
nsManager.cgi http://127.0.0.1/cgi-bin/nsManager.cgi CAN-2000-1023
perlshop.cgi http://127.0.0.1/perlshop.cgi CAN-1999-1374
perlshop.cgi http://127.0.0.1/cgi-bin/perlshop.cgi CAN-1999-1374
readmail.cgi http://127.0.0.1/readmail.cgi CAN-2001-1283
readmail.cgi http://127.0.0.1/cgi-bin/readmail.cgi CAN-2001-1283
printmail.cgi http://127.0.0.1/printmail.cgi CAN-2001-1283
printmail.cgi http://127.0.0.1/cgi-bin/printmail.cgi CAN-2001-1283
register.cgi http://127.0.0.1/register.cgi CAN-2001-0076
register.cgi http://127.0.0.1/cgi-bin/register.cgi CAN-2001-0076
sendform.cgi http://127.0.0.1/sendform.cgi CVE-2002-0710
sendform.cgi http://127.0.0.1/cgi-bin/sendform.cgi CVE-2002-0710
sendmessage.cgi http://127.0.0.1/sendmessage.cgi CVE-2001-1100
sendmessage.cgi http://127.0.0.1/cgi-bin/sendmessage.cgi CVE-2001-1100
service.cgi http://127.0.0.1/service.cgi CAN-2002-0346
service.cgi http://127.0.0.1/cgi-bin/service.cgi CAN-2002-0346
setpasswd.cgi http://127.0.0.1/setpasswd.cgi CAN-2001-0133
setpasswd.cgi http://127.0.0.1/cgi-bin/setpasswd.cgi CAN-2001-0133
simplestmail.cgi http://127.0.0.1/simplestmail.cgi CAN-2001-0022
simplestmail.cgi http://127.0.0.1/cgi-bin/simplestmail.cgi CAN-2001-0022
simplestguest.cgi http://127.0.0.1/simplestguest.cgi CAN-2001-0022
simplestguest.cgi http://127.0.0.1/cgi-bin/simplestguest.cgi CAN-2001-0022
talkback.cgi http://127.0.0.1/talkback.cgi CAN-2001-0420
talkback.cgi http://127.0.0.1/cgi-bin/talkback.cgi CAN-2001-0420
ttawebtop.cgi http://127.0.0.1/ttawebtop.cgi CAN-2002-0203
ttawebtop.cgi http://127.0.0.1/cgi-bin/ttawebtop.cgi CAN-2002-0203
ws_mail.cgi http://127.0.0.1/ws_mail.cgi CAN-2001-1343
ws_mail.cgi http://127.0.0.1/cgi-bin/ws_mail.cgi CAN-2001-1343
CVE : CAN-1999-1072, CAN-2002-0749, CAN-2001-0135, CAN-2002-0955,
CAN-2001-0562, CAN-2002-0346, CVE-2000-0923, CVE-2001-0123
. Vulnerability found on port unknown (8080/tcp) :
It was possible to read the content of /EXT.INI
(BadBlue configuration file) by sending an invalid GET request.
A cracker may exploit this vulnerability to steal the passwords.
Solution : upgrade your software or protect it with a filtering reverse
proxy
Risk factor : Medium
CVE : CAN-2002-1021
BID : 5226
. Vulnerability found on port unknown (8080/tcp) :
Some versions of the mini-sql program comes with a
w3-msql CGI which is vulnerable to a buffer overflow.
An attacker may use it to gain a shell on this system.
*** Nessus reports this vulnerability using only
*** information that was gathered. Use caution
*** when testing without safe checks enabled.
Solution : contact the vendor of mini-sql (http://hugues.com.au)
and ask for a patch. Meanwhile, remove w3-msql from
/cgi-bin
Risk factor : High
CVE : CVE-2000-0012
BID : 898
. Vulnerability found on port unknown (8080/tcp) :
There may be a buffer overrun in
the 'cgitest.exe' CGI program, which will allow anyone to
execute arbitrary commands with the same privileges as the
web server (root or nobody).
*** Nessus reports this vulnerability using only
*** information that was gathered. Use caution
*** when testing without safe checks enabled.
Solution : remove it from
Risk factor : Serious
CVE : CVE-2002-0128
BID : 3885
. Vulnerability found on port unknown (8080/tcp) :
There may be buffer overflow in the remote cgi win-c-sample.exe.
An attacker may use this flaw to execute arbitrary commands
on this host.
*** Nessus reports this vulnerability using only
*** information that was gathered. Use caution
*** when testing without safe checks enabled.
Solution : delete it
Risk factor : High
CVE : CVE-1999-0178
BID : 2078
. Vulnerability found on port unknown (8080/tcp) :
There may be a buffer overflow in the remote
htimage.exe cgi when it is given the request :
/cgi-bin/htimage.exe/AAAA[....]AAA?0,0
An attacker may use it to execute arbitrary code
on this host.
*** Nessus reports this vulnerability using only
*** information that was gathered. Use caution
*** when testing without safe checks enabled.
Solution : delete it
Risk factor : High
CVE : CAN-2000-0256
BID : 1117
. Vulnerability found on port unknown (8080/tcp) :
admin.cgi was detected on this server.
Shoutcast server installs a version that is vulnerable to
a buffer overflow.
** Note that Nessus did not try to exploit the flaw,
** so this might be a false alert.
Solution : upgrade Shoutcast to the latest version.
Risk factor : Serious
CVE : CAN-2002-0199
BID : 3934
. Vulnerability found on port unknown (8080/tcp) :
The CGI 'cgiWebupdate.exe' exists on this webserver.
Some versions of this file are vulnerable to remote exploit.
Solution : remove it from /cgi-bin.
*** As Nessus solely relied on the existence of the cgiWebupdate.exe file,
*** this might be a false positive
Risk factor : Serious
CVE : CAN-2001-1150
BID : 3216
. Vulnerability found on port unknown (8080/tcp) :
The 'webdist.cgi' cgi is installed. This CGI has
a well known security flaw that lets anyone execute arbitrary
commands with the privileges of the http daemon (root or nobody).
*** Nessus reports this vulnerability using only
*** information that was gathered. Use caution
*** when testing without safe checks enabled.
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CVE-1999-0039
BID : 374
. Vulnerability found on port unknown (8080/tcp) :
The remote host has the CGI 'hpnst.exe' installed.
Older versions of this CGI (pre 5.55) are vulnerable
to a denial of service attack where the user can make
the CGI request itself.
*** As safe checks are enabled, Nessus did not really test
*** for this flaw, so this might be a false positive
Solution : upgrade to version 5.55
Risk factor : High
CVE : CAN-2003-0169
. Vulnerability found on port unknown (8080/tcp) :
The CGI /pbserver/pbserver.dll is subject to a buffer
overflow attack that allows an attacker to execute
arbitrary commands on this host.
*** Nessus reports this vulnerability using only
*** information that was gathered. Use caution
*** when testing without safe checks enabled.
Solution : See
http://www.microsoft.com/technet/security/bulletin/ms00-094.asp
Risk factor : High
CVE : CVE-2000-1089
BID : 2048
. Vulnerability found on port unknown (8080/tcp) :
The CGI 'wwwwais' is installed. This CGI has
a well known security flaw that lets an attacker execute arbitrary
commands with the privileges of the http daemon (usually root or nobody).
*** Nessus reports this vulnerability using only
*** information that was gathered. Use caution
*** when testing without safe checks enabled.
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CAN-2001-0223
. Vulnerability found on port unknown (8080/tcp) :
The CGI 'wwwwais' is installed. This CGI has
a well known security flaw that lets an attacker execute arbitrary
commands with the privileges of the http daemon (usually root or nobody).
*** Nessus reports this vulnerability using only
*** information that was gathered. Use caution
*** when testing without safe checks enabled.
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CAN-2001-0223
. Vulnerability found on port unknown (8080/tcp) :
The file counter.exe seems to be present on the server
As safe_checks were enabled, this may be a false positive
CVE : CAN-1999-1030
BID : 267
. Vulnerability found on port unknown (8080/tcp) :
The file counter.exe seems to be present on the server
As safe_checks were enabled, this may be a false positive
CVE : CAN-1999-1030
BID : 267
. Vulnerability found on port unknown (8080/tcp) :
The executables 'redirect.exe' and/or changepw.exe exist on this webserver.
Some versions of these files are vulnerable to remote exploit.
*** As Nessus solely relied on the existence of the redirect.exe or
changepw.exe files,
*** this might be a false positive
Solution : remove them from /cgi-bin.
Risk factor : Serious
CVE : CAN-2000-0401
BID : 1256
. Warning found on port unknown (8080/tcp)
The 'finger' cgi is installed. It is usually
not a good idea to have such a service installed, since
it usually gives more troubles than anything else.
Double check that you really want to have this
service installed.
Solution : remove it from /cgi-bin.
Risk factor : Serious
. Warning found on port unknown (8080/tcp)
The 'webdriver' cgi is installed. This CGI usually
lets anyone access the Informix databases of the hosts that run it.
*** Warning : Nessus solely relied on the presence of this CGI, it did not
*** determine if you specific version is vulnerable to that problem
Solution : remove it from /cgi-bin.
Risk factor : Serious
BID : 2166
. Warning found on port unknown (8080/tcp)
webadmin.dll was found on your web server.
Old versions of this CGI suffered from numerous problems:
- installation path disclosure
- directory traversal, allowing anybody with
administrative permission on WebAdmin to read any file
- buffer overflow, allowing anybody to run arbitrary code on
your server with SYSTEM privileges.
*** Note that no attack was performed, and the version number was
*** not checked, so this might be a false alert
Solution : Upgrade to the latest version if necessary
Risk factor : Serious
. Warning found on port unknown (8080/tcp)
The file /_ncl_items.shtml or /_ncl_subjects.shtml exists on the
remote web server.
If the remote host is a Tektronix printer, then this page
allows anyone to reconfigure it without any authentication
means whatsoever.
An attacker may use this flaw to conduct a denial of service
attack against your business by preventing legitimate users
from printing their work, or against your network, by changing
the IP address of the printer so that it conflicts with the IP
address of your file server.
Solution : Contact Tektronix for a patch and filter incoming
traffic to this port
Risk factor : Low
CVE : CAN-2001-0484
BID : 2659
. Warning found on port unknown (8080/tcp)
The 'printenv' CGI is installed.
printenv normally returns all environment variables.
This gives an attacker valuable information about the
configuration of your web server.
Solution : Remove it from /cgi-bin.
Risk factor : Medium
. Warning found on port unknown (8080/tcp)
The 'mailnews' cgi is installed. This CGI has
a well known security flaw that lets an attacker execute arbitrary
commands with the privileges of the http daemon (usually root or nobody).
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CAN-2001-0271
BID : 2391
. Warning found on port unknown (8080/tcp)
Carello.dll was found on your web server.
Versions up to 1.3 of this web shopping cart allowed anybody
to run arbitrary commands on your server.
*** Note that no attack was performed, and the version number was
*** not checked, so this might be a false alert
Solution : Upgrade to the latest version if necessary
Risk factor : Serious
. Warning found on port unknown (8080/tcp)
The 'processit' CGI is installed.
processit normally returns all environment variables.
This gives an attacker valuable information about the
configuration of your web server.
Solution : Remove it from /cgi-bin.
Risk factor : Medium
. Warning found on port unknown (8080/tcp)
The CGI script ppdscgi.exe, part of the PowerPlay
Web Edition package, is installed.
Due to design problems as well as some
potential web server misconfiguration
PowerPlay Web Edition may serve up data
cubes in a non-secure manner. Execution
of the PowerPlay CGI pulls cube data into
files in an unprotected temporary directory.
Those files are then fed back to frames in
the browser. In some cases it is trivial for an
unauthenticated user to tap into those data
files before they are purged.
Solution : Cognos doesn't consider this
problem as being an issue, so they
do not provide any solution.
Risk factor : Medium
BID : 491
. Warning found on port unknown (8080/tcp)
The 'pagelog.cgi' cgi is installed. This CGI has
a well known security flaw that lets an attacker create arbitrary
files on the remote server, ending in .txt, and reading arbitrary
files ending in .txt or .log
*** Warning : this flaw was not tested by Nessus. Check the existence
of /tmp/nessus_pagelog_cgi.txt on this host to find out if you
are vulnerable or not.
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CAN-2000-0940
BID : 1864
. Warning found on port unknown (8080/tcp)
The 'ibillpm.pl' CGI is installed.
Some versions of this CGI use a weak password management system
that can be brute-forced.
** No flaw was tested. Your script might be a safe version.
Solutions : upgrade the script if possible. If not:
1) Move the script elsewhere (security through obscurity)
2) Request that iBill fix it.
3) Configure your web server so that only addreses from ibill.com
may access it.
Risk factor : Low
BID : 3476
. Warning found on port unknown (8080/tcp)
The 'PGPMail.pl' CGI is installed.
Some versions (up to v1.31 a least) of this CGI do not
properly filter user input before using it inside commands.
This would allow a cracker to run any command on your server.
*** Note: Nessus just checked the presence of this CGI
*** but did not try to exploit the flaws.
Solution : remove it from /cgi-bin or upgrade it.
Reference : http://online.securityfocus.com/archive/82/243262
Reference : http://online.securityfocus.com/archive/1/243408
Risk factor : High
CVE : CAN-2001-0937
. Warning found on port unknown (8080/tcp)
/base/webmail/readmsg.php was detected.
Some versions of this CGI allow remote users to read local
files with the permission of the web server.
Note that if the user has a shell access, this kind of attack is
not interesting.
*** Nessus just checked the presence of this file
*** but did not try to exploit the flaw.
Solution : get a newer software from Cobalt
Reference : http://online.securityfocus.com/archive/1/195165
Risk factor : Low
CVE : CAN-2001-1408
. Warning found on port unknown (8080/tcp)
The cgi 'dumpenv.pl' is installed. This
CGI gives away too much information about the web server
configuration, which will help an attacker.
Solution : remove it from /cgi-bin.
Risk factor : Low
CVE : CAN-1999-1178
. Warning found on port unknown (8080/tcp)
The 'nph-test-cgi' CGI is installed. This CGI has
a well known security flaw that lets an attacker get a listing
of the /cgi-bin directory, thus discovering which CGIs are installed
on the remote host.
Solution : remove it from /cgi-bin.
Risk factor : Serious
CVE : CVE-1999-0045
BID : 686
. Warning found on port unknown (8080/tcp)
The 'vpasswd.cgi' CGI is installed. Some versions
do not properly check for special characters and allow
a cracker to execute any command on your system.
*** Warning : Nessus solely relied on the presence of this CGI, it did not
*** determine if you specific version is vulnerable to that problem
Solution : remove it from /cgi-bin.
Risk factor : Serious
. Warning found on port unknown (8080/tcp)
Your website allows read access to the CVS/Entries file.
This exposes all file names in your CVS module on your website.
Change your website permissions to deny access to your CVS directory.
Entries contains the following: <html><body><form><textarea rows="7"
name="text" cols="48"></textarea><br><input
type="Submit"></form></body></html>
. Warning found on port unknown (8080/tcp)
Sunsolve CD CGI scripts does not validate user input.
Crackers may use them to execute some commands on your system.
** Note: Nessus did not try to perform the attack.
Risk factor : High
CVE : CAN-2002-0436
BID : 4269
. Warning found on port unknown (8080/tcp)
Some Web Servers use a file called /robot(s).txt to make search engines and
any other indexing tools visit their WebPages more frequently and
more efficiently.
By connecting to the server and requesting the /robot(s).txt file, an
attacker may gain additional information about the system they are
attacking.
Such information as, restricted directories, hidden directories, cgi script
directories and etc. Take special care not to tell the robots not to index
sensitive directories, since this tells attackers exactly which of your
directories are sensitive.
The file 'robot.txt' contains the following:
<html><body><form><textarea rows="7" name="text"
cols="48"></textarea><br><input type="Submit"></form></body></html>
Risk factor : Medium
. Warning found on port unknown (8080/tcp)
The rpm_query CGI is installed.
This CGI allows anyone who can connect to this
web server to obtain the list of the installed
RPMs.
This allows an attacker to determine the version
number of your installed services, hence making
their attacks more accurate.
Solution : remove this CGI from cgi-bin/
Risk factor : Low
CVE : CVE-2000-0192
BID : 1036
. Information found on port unknown (8080/tcp)
A web server is running on this port
. Information found on port unknown (8080/tcp)
The remote web servers is [mis]configured in that it
does not return '404 Not Found' error codes when
a non-existent file is requested, perhaps returning
a site map or search page instead.
Nessus enabled some counter measures for that, however
they might be insufficient. If a great number of security
holes are produced for this port, they might not all be accurate
. Information found on port unknown (8080/tcp)
The remote web server type is :
AWS (Ada Web Server) v1.3
Solution : We recommend that you configure (if possible) your web server to
return
a bogus Server header in order to not leak information.
. Information found on port unknown (8080/tcp)
The TrendMicro Emanager software resides on this server.
Some versions of this software have vulnerable dlls. If vulnerable,
remote exploit is possible. For more info, visit:
http://www.securityfocus.com/bid/3327
Solution : Remove this CGI or upgrade to the latest version of this software
Risk factor : Medium
CVE : CAN-2001-0958
BID : 3327
. Information found on port unknown (8118/tcp)
A web server is running on this port
------------------------------------------------------
This file was generated by the Nessus Security Scanner
Preben