Test Kennung:	1.3.6.1.4.1.25623.1.0.11732
Kategorie:	Web application abuses
Titel:	Webnews.exe vulnerability
Zusammenfassung:	The remote host appears to be running WebNews, which offers web-based; access to Usenet news. This CGI script suffers from a buffer overflow vulnerability.
Beschreibung:	Summary: The remote host appears to be running WebNews, which offers web-based access to Usenet news. This CGI script suffers from a buffer overflow vulnerability. Vulnerability Insight: Some versions of WebNews are prone to a buffer overflow when processing a query string with an overly-long group parameter. Vulnerability Impact: An attacker may be able to leverage this issue to execute arbitrary shell code on the remote host subject to the permissions of the web server user id. Solution: Apply the patch made released by the vendor on February 14th, 2002 if running Webnews 1.1 or older. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	BugTraq ID: 4124 Common Vulnerability Exposure (CVE) ID: CVE-2002-0290 http://www.securityfocus.com/bid/4124 Bugtraq: 20020218 Netwin Webnews Buffer Overflow Vulnerability (#NISR18022002) (Google Search) http://marc.info/?l=bugtraq&m=101413521417638&w=2 http://www.iss.net/security_center/static/8220.php
Copyright	Copyright (C) 2003 John Lampe

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.