Hi!
I just did a scan with current everything from HEAD and dangerous
plugins disabled. Here are three lines of the resulting .nbe file:
results|localhost|localhost|netbios-ssn (139/tcp)|11398|Security Hole|Byte's Interactive Web Shopper\n(shopper.cgi) allows for retrieval of arbitrary files\nfrom the web server. Both Versions 1.0 and 2.0 are\naffected.\n\nExample:\n GET /cgi-bin/shopper.cgi?newpage=../../../../etc/passwd\n\nwill return /etc/passwd.\n\nSolution: Uncomment the #$debug=1 variable in the script\nso that it will check for, and disallow, viewing of\narbitrary files.\n\nRisk factor : High\nCVE : CVE-2000-0922\nBID : 1776\n
results|localhost|localhost|domain (53/udp)|12217|Security Note|Byte's Interactive Web Shopper\n(shopper.cgi) allows for retrieval of arbitrary files\nfrom the web server. Both Versions 1.0 and 2.0 are\naffected.\n\nExample:\n GET /cgi-bin/shopper.cgi?newpage=../../../../etc/passwd\n\nwill return /etc/passwd.\n\nSolution: Uncomment the #$debug=1 variable in the script\nso that it will check for, and disallow, viewing of\narbitrary files.\n\nRisk factor : High\nCVE : CVE-2000-0922\nBID : 1776\n
results|localhost|localhost|xdmcp (177/udp)|10891|Security Warning|Byte's Interactive Web Shopper\n(shopper.cgi) allows for retrieval of arbitrary files\nfrom the web server. Both Versions 1.0 and 2.0 are\naffected.\n\nExample:\n GET /cgi-bin/shopper.cgi?newpage=../../../../etc/passwd\n\nwill return /etc/passwd.\n\nSolution: Uncomment the #$debug=1 variable in the script\nso that it will check for, and disallow, viewing of\narbitrary files.\n\nRisk factor : High\nCVE : CVE-2000-0922\nBID : 1776\n
There is no shopper.cgi on my machine.
On a second scan (keeping the connection) the server connection died:
[Fri Dec 10 08:52:06 2004][26294] SIGSEGV occured !
The corresponding plugin (10533) is the last one in its category;
maybe this is a problem.
Thomas
--
Email: thomas@intevation.de
http://intevation.de/~thomas/
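
A check for the symptom reported above, as an added example that is not part of the original message or of the Nessus code: it parses .nbe result lines and flags any description text that appears under more than one plugin ID. The sample input is constructed from the three lines quoted in the message (description shortened) plus a timestamp line and two made-up records using the placeholder plugin ID 99999.

```python
from collections import defaultdict

# Constructed sample in the .nbe layout quoted in the message above.
# Raw strings keep the literal "\n" escapes that .nbe uses inside descriptions.
SHOPPER = r"Byte's Interactive Web Shopper\n(shopper.cgi) allows for retrieval of arbitrary files\nfrom the web server.\n"
SAMPLE_NBE = "\n".join([
    r"timestamps|||scan_start|Fri Dec 10 08:40:00 2004|",       # constructed
    r"results|localhost|localhost|netbios-ssn (139/tcp)",        # port-only line
    r"results|localhost|localhost|netbios-ssn (139/tcp)|11398|Security Hole|" + SHOPPER,
    r"results|localhost|localhost|domain (53/udp)|12217|Security Note|" + SHOPPER,
    r"results|localhost|localhost|xdmcp (177/udp)|10891|Security Warning|" + SHOPPER,
    # Placeholder plugin ID: one plugin reporting on two ports is normal.
    r"results|localhost|localhost|http (80/tcp)|99999|Security Note|Constructed finding\n",
    r"results|localhost|localhost|http-alt (8080/tcp)|99999|Security Note|Constructed finding\n",
])

def parse_nbe(text):
    """Return finding records; skip timestamps and port-only result lines."""
    findings = []
    for line in text.splitlines():
        fields = line.split("|", 6)  # the description itself may contain '|'
        if len(fields) < 7 or fields[0] != "results":
            continue
        _, _subnet, host, port, plugin_id, severity, desc = fields
        findings.append({
            "host": host, "port": port, "plugin_id": plugin_id,
            "severity": severity,
            "description": desc.replace("\\n", "\n").strip(),
        })
    return findings

def shared_descriptions(findings):
    """List descriptions reported verbatim under more than one plugin ID."""
    by_text = defaultdict(set)
    for f in findings:
        if f["description"]:  # ignore empty descriptions
            by_text[f["description"]].add((f["plugin_id"], f["port"], f["severity"]))
    suspects = []
    for text, reports in by_text.items():
        if len({pid for pid, _, _ in reports}) > 1:
            suspects.append((text.splitlines()[0], sorted(reports)))
    return suspects

if __name__ == "__main__":
    for title, reports in shared_descriptions(parse_nbe(SAMPLE_NBE)):
        print(title)
        for pid, port, sev in reports:
            print(f"  plugin {pid:>6}  {sev:<16} {port}")
```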