ID de Prueba:	1.3.6.1.4.1.25623.1.0.10818
Categoría:	Web application abuses
Título:	Alchemy Eye HTTP Command Execution
Resumen:	Alchemy Eye and Alchemy Network Monitor are network management; tools for Microsoft Windows. The product contains a built-in HTTP; server for remote monitoring and control. This HTTP server allows; arbitrary commands to be run on the server by a remote attacker.
Descripción:	Summary: Alchemy Eye and Alchemy Network Monitor are network management tools for Microsoft Windows. The product contains a built-in HTTP server for remote monitoring and control. This HTTP server allows arbitrary commands to be run on the server by a remote attacker. Solution: Either disable HTTP access in Alchemy Eye, or require authentication for Alchemy Eye. Both of these can be set in the Alchemy Eye preferences. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2001-0871 BugTraq ID: 3599 http://www.securityfocus.com/bid/3599 Bugtraq: 20011129 Rapid 7 Advisory R7-0001: Alchemy Eye HTTP Remote Command Execution (Google Search) http://marc.info/?l=bugtraq&m=100714173510535&w=2 CERT/CC vulnerability note: VU#220715 http://www.kb.cert.org/vuls/id/220715 XForce ISS Database: alchemy-http-dot-commands(7625) https://exchange.xforce.ibmcloud.com/vulnerabilities/7625 XForce ISS Database: alchemy-http-dot-variant(7626) https://exchange.xforce.ibmcloud.com/vulnerabilities/7626
Copyright	Copyright (C) 2001 HD Moore & Drew Hintz

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.