
Open Source Security Tools : Practical Guide to Security Applications part 50 ppt


Appendix E • Nessus Plug-ins 469

| Family | Plug-in Name | CVE ID Number(s) | BugTraq ID Number(s) |
|---|---|---|---|
| CGI abuses | Webnews.exe vulnerability | CVE-2002-0290 | 4124 |
| CGI abuses | Post-Nuke SQL injection | | 7697 |
| CGI abuses | Infinity CGI Exploit Scanner | | 7910, 7911, 7913 |
| CGI abuses | Hidden WWW server name | | |
| CGI abuses | Tomcat 4.x JSP Source Exposure | | |
| CGI abuses | PHP-Nuke copying files security vulnerability (admin.php) | CVE-2001-1032 | 3361 |
| CGI abuses | A1Stats Traversal | CAN-2001-0561 | 2705 |
| CGI abuses | ColdFusion Debug Mode | | |
| CGI abuses | CWmail.exe vulnerability | CAN-2002-0273 | 4093 |
| CGI abuses | PayPal Store Front code injection | | 8791 |
| CGI abuses | osCommerce Cross Site Scripting Bugs | | 7156, 7151, 7153, 7158, 7155 |
| CGI abuses | StellarDocs Path Disclosure | | 8385 |
| CGI abuses | vpopmail.php command execution | | 7063 |
| CGI abuses | Mantis Multiple Flaws | CAN-2002-1110, CAN-2002-1111, CAN-2002-1112, CAN-2002-1113, CAN-2002-1114 | 5563, 5565, 5509, 5504, 5510, 5514, 5515 |
| CGI abuses | Xoops XSS | | 7356 |
| CGI abuses | DCP-Portal Cross Site Scripting Bugs | | 7144, 7141 |

Howlett_AppE.fm Page 469 Friday, June 25, 2004 1:50 PM

| Family | Plug-in Name | CVE ID Number(s) | BugTraq ID Number(s) |
|---|---|---|---|
| CGI abuses | cgiWebupdate.exe vulnerability | CAN-2001-1150 | 3216 |
| CGI abuses | Basilix includes download | CAN-2001-1044 | 2198 |
| CGI abuses | idq.dll directory traversal | CAN-2000-0126 | 968 |
| CGI abuses | fpcount.exe overflow | CAN-1999-1376 | |
| CGI abuses | Codebrws.asp Source Disclosure Vulnerability | CAN-1999-0739 | |
| CGI abuses | Webcart misconfiguration | CAN-1999-0610 | 2281 |
| CGI abuses | miniPortail Cookie Admin Access | CAN-2003-0272 | |
| CGI abuses | Justice guestbook | | 7233, 7234 |
| CGI abuses | Hosting Controller vulnerable ASP pages | CAN-2002-0466 | 3808 |
| CGI abuses | FAQManager Arbitrary File Reading Vulnerability | | 3810 |
| CGI abuses | Kebi Academy Directory Traversal | | 7125 |
| CGI abuses | phptonuke directory traversal | | |
| CGI abuses | Buffer overflow in WebSitePro webfind.exe | CVE-2000-0622 | 1487 |
| CGI abuses | mod_python handle abuse | CVE-2002-0185 | 4656 |
| CGI abuses | webgais | CVE-1999-0176 | 2058 |
| CGI abuses | GOsa code injection | | |
| CGI abuses | ShopPlus Arbitrary Command Execution | CAN-2001-0992 | |
| CGI abuses | Kietu code injection | | |
| CGI abuses | Pod.Board Forum_Details.PHP Cross Site Scripting | | 7933 |
| CGI abuses | WebAdmin detection | | |
| CGI abuses | php < 4.3.3 | | 8201 |
| CGI abuses | textcounter.pl | CVE-1999-1479 | 2265 |
| CGI abuses | Carello detection | | |
| CGI abuses | popper_mod | CVE-2002-0513, CAN-2002-0513 | 4412 |
| CGI abuses | WebActive world readable log file | CVE-2000-0642 | 1497 |
| CGI abuses | Count.cgi | CVE-1999-0021 | 128 |
| CGI abuses | SunSolve CD CGI user input validation | CAN-2002-0436 | 4269 |
| CGI abuses | JWalk server traversal | | 7160 |
| CGI abuses | ASP source using %2e trick | CAN-1999-0253 | 1814 |
| CGI abuses | TrueGalerie admin access | | 7427 |
| CGI abuses | webcart.cgi | | 3453 |
| CGI abuses | IIS Remote Command Execution | CVE-2001-0507, CVE-2001-0333 | 2708 |
| CGI abuses | viralator | CAN-2001-0849 | |
| CGI abuses | Lotus Domino administration databases | CAN-2000-0021, CAN-2002-0664 | 881 |
| CGI abuses | bb-hostsvc.sh | CVE-2000-0638 | 1455 |
| CGI abuses | ScozBook flaws | | 7235, 7236 |
| CGI abuses | Nuked-Klan function execution | | 6916, 6917, 6697, 6699, 6700 |
| CGI abuses | mod_frontpage installed | CAN-2002-0427 | 4251 |
| CGI abuses | IIS XSS via 404 error | CVE-2002-0148, CAN-2002-0150 | 4483 |
| CGI abuses | SQL injection in phpBB | | 7979 |
| CGI abuses | Bugzilla XSS and insecure temporary filenames | | 7412 |
| CGI abuses | Handler | CVE-1999-0148 | 380 |
| CGI abuses | nsiislog.dll DoS | CAN-2003-0227, CAN-2003-0349 | 8035 |
| CGI abuses | Web Wiz Site News database disclosure | | |
| CGI abuses | pfdispaly | CVE-1999-0270 | |
| CGI abuses | Zope Image updating Method | CVE-2000-0062 | 922 |
| CGI abuses | Post-Nuke Multiple XSS | | 7898, 7901 |
| CGI abuses | dcforum | CVE-2001-0436 | 2728 |
| CGI abuses | Home Free search.cgi directory traversal | CAN-2000-0054 | 921 |
| CGI abuses | ctss.idc check | | |
| CGI abuses | CVSWeb detection | | |
| CGI abuses | Cross-Referencing Linux (lxr) file reading | | 7062 |
| CGI abuses | Oracle 9iAS Jsp Source File Reading | CAN-2002-0562 | 4034 |
| CGI abuses | Basilix webmail dummy request vulnerability | CAN-2001-1045 | 2995 |
| CGI abuses | mailnews.cgi | CAN-2001-0271 | 2391 |
| CGI abuses | Zope installation path disclose | | 5806 |
| CGI abuses | Windmail.exe allows any user to execute arbitrary commands | CAN-2000-0242 | 1073 |
| CGI abuses | tst.bat CGI vulnerability | CAN-1999-0885 | 770 |
| CGI abuses | MacOS X Finder reveals contents of Apache Web directories | | 3316 |
| CGI abuses | Directory Manager’s edit_image.php | CVE-2001-1020 | 3288 |
| CGI abuses | mod_ssl wildcard DNS cross site scripting vulnerability | CAN-2002-1157 | 6029 |
| CGI abuses | calendar_admin.pl | CVE-2000-0432 | 1215 |
| CGI abuses | ezPublish config disclosure | | 7349, 7347 |
| CGI abuses | ImageFolio Default Password | | |
| CGI abuses | Netscape FastTrack ‘get’ | CVE-1999-0239 | 481 |
| CGI abuses | StockMan Shopping Cart Path disclosure | | |
| CGI abuses | Power Up Information Disclosure | CAN-2001-1138 | 3304 |
| CGI abuses | texi.exe path disclosure | CAN-2002-0266 | 4035 |
| CGI abuses | Cold Fusion Administration Page Overflow | CVE-2000-0538 | 1314 |
| CGI abuses | spin_client.cgi buffer overrun | | |
| CGI abuses | wwwwais | CAN-2001-0223 | |
| CGI abuses | ServletExec 4.1 ISAPI Physical Path Disclosure | CVE-2002-0892 | 4793 |
| CGI abuses | Wordit Logbook | | 7043 |
| CGI abuses | csSearch.cgi | CVE-2002-0495 | 4368 |
| CGI abuses | iXmail SQL injection | | 8047 |
| CGI abuses | netscape publishingXpert 2 PSUser problem | CVE-2000-1196 | |
| CGI abuses | ClearTrust XSS | | 7108 |
| CGI abuses | zentrack files reading | | |
| CGI abuses | pmachine cross site scripting | | 7980, 7981 |
| CGI abuses | zentrack code injection | | |
| CGI abuses | JBoss source disclosure | | 7764 |
| CGI abuses | Ecartis Username Spoofing | CAN-2003-0162 | 6971 |
| CGI abuses | SunONE Application Server source disclosure | | |
| CGI abuses | Various dangerous cgi scripts | CAN-1999-1072, CAN-2002-0749, CAN-2001-0135, CAN-2002-0955, CAN-2001-0562, CAN-2002-0346, CVE-2000-0923, CVE-2001-0123 | |
| CGI abuses | Unprotected SiteScope Service | | |
| CGI abuses | RDS / MDAC Vulnerability (msadcs.dll) located | CVE-1999-1011 | 529 |
| CGI abuses | iPlanet Directory Server traversal | CVE-2000-1075 | 1839 |
| CGI abuses | vpasswd.cgi | | |
| CGI abuses | Zope DoS | CVE-2000-0483 | 1354 |
| CGI abuses | Check for dangerous IIS default files | CAN-1999-0737 | |
| CGI abuses | Apache Tomcat TroubleShooter Servlet Installed | | 4575 |
| CGI abuses | hsx directory traversal | CAN-2001-0253 | 2314 |
| CGI abuses | ASP/ASA source using Microsoft Translate f: bug | CVE-2000-0778 | 1578 |
| CGI abuses | myphpPageTool code injection | | |
| CGI abuses | IIS Global.asa Retrieval | | |
| CGI abuses | Unpassworded iiprotect administrative interface | | |
| CGI abuses | JRun’s viewsource.jsp | CVE-2000-0539 | 1386 |
| CGI abuses | ActiveState Perl directory traversal | | |
| CGI abuses | AutomatedShops WebC.cgi installed | | |
| CGI abuses | Mambo Site Server Cookie Validation | | 6926 |
| CGI abuses | ActivePerl perlIS.dll Buffer Overflow | CVE-2001-0815 | 3526 |
| CGI abuses | ASP.NET path disclosure | | |
| CGI abuses | Bandmin XSS | CAN-2003-0416 | 7729 |
| CGI abuses | IIS possible DoS using ExAir’s advsearch | CVE-1999-0449 | 193 |
| CGI abuses | Roxen Server /%00/ bug | CVE-2000-0671 | 1510 |
| CGI abuses | Alchemy Eye HTTP Command Execution | CAN-2001-0871 | 3599 |
| CGI abuses | myguestbk admin access | | 7213 |
| CGI abuses | Checks for listrec.pl | CAN-2001-0997 | |
| CGI abuses | phpinfo.php | | |
| CGI abuses | TMax Soft Jeus Cross Site Scripting | | 7969 |
| CGI abuses | ROADS’ search.pl | CVE-2001-0215 | 2371 |
| CGI abuses | ServletExec 4.1 ISAPI File Reading | CAN-2002-0893 | 4795 |
| CGI abuses | GeekLog SQL vulns | CAN-2002-0962, CVE-2002-0096, CVE-2002-0097 | 7742, 7744, 6601, 6602, 6603, 6604 |
| CGI abuses | Campas | CVE-1999-0146 | 1975 |
| CGI abuses | CSNews.cgi vulnerability | CVE-2002-0923 | 4994 |
| CGI abuses | zml.cgi Directory Traversal | CAN-2001-1209 | 3759 |
| CGI abuses | VirusWall’s catinfo overflow | CAN-2001-0432 | 2579 |
| CGI abuses | Macromedia ColdFusion MX Path Disclosure Vulnerability | | 7443 |
| CGI abuses | Invision PowerBoard code injection | | 6976, 7204 |
| CGI abuses | processit | | |
| CGI abuses | ideabox code injection | | 7488 |
| CGI abuses | biztalk server flaws | CAN-2003-0117, CAN-2003-0118 | 7469, 7470 |
| CGI abuses | overflow.cgi detection | | |
| CGI abuses | HappyMall Command Execution | CAN-2003-0243 | |
| CGI abuses | Bugzilla Detection | | |
| CGI abuses | phpMyAdmin arbitrary files reading | CAN-2001-0478 | 2642 |
| CGI abuses | BLnews code injection | | 7677 |
| CGI abuses | CGIEmail’s CGICso (Send CSO via CGI) Command Execution Vulnerability | | 6141 |
| CGI abuses | Savant cgitest.exe buffer overflow | | |
| CGI abuses | OmniHTTPd visadmin exploit | CAN-1999-0970 | 1808 |
| CGI abuses | ArGoSoft Mail Server multiple flaws | | 7608, 7610, 5906, 5395, 5144 |
| CGI abuses | Faxsurvey | CVE-1999-0262 | 2056 |
| CGI abuses | AN HTTPd count.pl file truncation | | 7397 |
| CGI abuses | BadBlue invalid null byte vulnerability | CAN-2002-1021 | 5226 |
| CGI abuses | WebLogic clear-text passwords | | |
| CGI abuses | get32.exe vulnerability | CAN-1999-0885 | 770 |
| CGI abuses | IIS ASP.NET Application Trace Enabled | | |
| CGI abuses | Tests for Nimda Worm infected HTML files | | |
| CGI abuses | php4 multiple flaws | CAN-2003-0442 | 8693, 8696 |
| CGI abuses | XMB Cross Site Scripting | CAN-2002-0316, CAN-2003-0375 | 4944, 8013 |
| CGI abuses | w3-msql overflow | CVE-2000-0012 | 898 |
| CGI abuses | Horde and IMP test disclosure | | |
| CGI abuses | EZsite Forum Discloses Passwords to Remote Users | | |
| CGI abuses | directory.php | CAN-2002-0434 | 4278 |
| CGI abuses | ping.asp | | |
| CGI abuses | Oracle 9iAS mod_plsql cross site scripting | | |
| CGI abuses | readfile.tcl | | |
| CGI abuses | Awol code injection | CVE-2001-1048 | 3387 |
| CGI abuses | Web mirroring | | |
| CGI abuses | Mambo Site Server 4.0.10 XSS | | 7135 |
| CGI abuses | phpWebSite multiple flaws | | |
| CGI abuses | OmniPro HTTPd 2.08 scripts source full disclosure | | 2788 |
| CGI abuses | CGIEmail’s Cross Site Scripting Vulnerability (cgicso) | | |
| CGI abuses | IIS perl.exe problem | CAN-1999-0450 | 194 |
| CGI abuses | Instaboard SQL injection | | 7338 |
| CGI abuses | vBulletin’s Calender Command Execution Vulnerability | CVE-2001-0475 | 2474 |
| CGI abuses | smb2www installed | | |
| CGI abuses | PHP Rocket Add-in File Traversal | CAN-2001-1204 | 3751 |
| CGI abuses | sendtemp.pl | CAN-2001-0272 | 2504 |
| CGI abuses | IIS 5.0 Sample App reveals physical path of web root | | |
| CGI abuses | SWC Overflow | | |
| CGI abuses | SilverStream database structure | | |
| CGI abuses | Jakarta Tomcat Path Disclosure | CAN-2000-0759 | 1531 |
| CGI abuses | ASP source using %20 trick | CAN-2001-1248 | 2975 |
