CGI abuses : ASPrunner multiple flaws

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.14233

Categoría: CGI abuses

Título: ASPrunner multiple flaws

Resumen: NOSUMMARY

Descripción: Description:

The remote host is running ASPrunner prior to version 2.5.
There are multiple flaws in this version of ASPrunner which
would enable a remote attacker to read and/or modify potentially
confidential data.

An attacker, exploiting this flaw, would need access to the
webserver via the network.

Solution : Upgrade to latest version of ASPrunner

See also : http://www.securityfocus.com/bid/10799

Risk factor : High

Referencia Cruzada: BugTraq ID: 10799
Common Vulnerability Exposure (CVE) ID: CVE-2004-2060
http://www.securityfocus.com/bid/10799
Bugtraq: 20040726 ASPRunner Multiple Vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=109086977330418&w=2
http://ferruh.mavituna.com/article/?574
http://www.osvdb.org/8253
http://securitytracker.com/id?1010777
http://secunia.com/advisories/12164
http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0011.html
XForce ISS Database: asprunner-database-file-access(16802)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16802
Common Vulnerability Exposure (CVE) ID: CVE-2004-2059
http://www.osvdb.org/8254
http://www.osvdb.org/8255
http://www.osvdb.org/8256
http://www.osvdb.org/8257
XForce ISS Database: asprunner-xss(16801)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16801
Common Vulnerability Exposure (CVE) ID: CVE-2004-2058
http://www.osvdb.org/8252
XForce ISS Database: asprunner-information-disclosure(16800)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16800
Common Vulnerability Exposure (CVE) ID: CVE-2004-2057
http://www.osvdb.org/8251
XForce ISS Database: asprunner-sql-injection(16799)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16799

Copyright This script is Copyright (C) Tenable Network Security

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.14233
Categoría:	CGI abuses
Título:	ASPrunner multiple flaws
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is running ASPrunner prior to version 2.5. There are multiple flaws in this version of ASPrunner which would enable a remote attacker to read and/or modify potentially confidential data. An attacker, exploiting this flaw, would need access to the webserver via the network. Solution : Upgrade to latest version of ASPrunner See also : http://www.securityfocus.com/bid/10799 Risk factor : High
Referencia Cruzada:	BugTraq ID: 10799 Common Vulnerability Exposure (CVE) ID: CVE-2004-2060 http://www.securityfocus.com/bid/10799 Bugtraq: 20040726 ASPRunner Multiple Vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=109086977330418&w=2 http://ferruh.mavituna.com/article/?574 http://www.osvdb.org/8253 http://securitytracker.com/id?1010777 http://secunia.com/advisories/12164 http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0011.html XForce ISS Database: asprunner-database-file-access(16802) https://exchange.xforce.ibmcloud.com/vulnerabilities/16802 Common Vulnerability Exposure (CVE) ID: CVE-2004-2059 http://www.osvdb.org/8254 http://www.osvdb.org/8255 http://www.osvdb.org/8256 http://www.osvdb.org/8257 XForce ISS Database: asprunner-xss(16801) https://exchange.xforce.ibmcloud.com/vulnerabilities/16801 Common Vulnerability Exposure (CVE) ID: CVE-2004-2058 http://www.osvdb.org/8252 XForce ISS Database: asprunner-information-disclosure(16800) https://exchange.xforce.ibmcloud.com/vulnerabilities/16800 Common Vulnerability Exposure (CVE) ID: CVE-2004-2057 http://www.osvdb.org/8251 XForce ISS Database: asprunner-sql-injection(16799) https://exchange.xforce.ibmcloud.com/vulnerabilities/16799
Copyright	This script is Copyright (C) Tenable Network Security