Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2003-2021 Tenable Network Security, Inc.WEBC_CGI_OVERFLOWS.NASL
HistoryApr 04, 2003 - 12:00 a.m.

AutomatedShops WebC.cgi Multiple Overflows

2003-04-0400:00:00
This script is Copyright (C) 2003-2021 Tenable Network Security, Inc.
www.tenable.com
21
JSON

The remote host is running a version of AutomatedShops’s webc.cgi that is older than version 5.020.

This CGI is vulnerable to a remote buffer overflow (up to version 5.005 included) and to a local one (up to version 5.010 included).

An attacker may use this flaw to execute arbitrary code on the remote host.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
#
# Ref:
# From: Carl Livitt <[email protected]>
# To: [email protected]
# Subject: Multiple vulnerabilities in AutomatedShops WebC shopping cart
# Date: Thu, 3 Apr 2003 14:22:36 +0100

include( 'compat.inc' );

if(description)
{
  script_id(11516);
  script_bugtraq_id(7268, 7277);

  script_version("1.16");

  script_name(english:"AutomatedShops WebC.cgi Multiple Overflows");
  script_summary(english:"Checks for the presence of webc.cgi");

  script_set_attribute(
    attribute:'synopsis',
    value:'The remote CGI script is vulnerable to a buffer overflow.'
  );

  script_set_attribute(
    attribute:'description',
    value:"The remote host is running a version of AutomatedShops's webc.cgi
that is older than version 5.020.

This CGI is vulnerable to a remote buffer overflow (up to version 5.005 included)
and to a local one (up to version 5.010 included).

An attacker may use this flaw to execute arbitrary code on the remote
host."
  );

  script_set_attribute(
    attribute:'solution',
    value: "Upgrade to version 5.020."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(
    attribute:'see_also',
    value:'https://www.securityfocus.com/archive/1/317344'
  );

 script_set_attribute(attribute:"plugin_publication_date", value: "2003/04/04");
 script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);

  script_copyright(english:"This script is Copyright (C) 2003-2021 Tenable Network Security, Inc." );
  script_family(english:"CGI abuses");
  script_dependencie("webc_cgi_installed.nasl");
  script_require_ports("Services/www", 80);
  exit(0);
}

#
# The script code starts here
#

include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

port = get_http_port(default:80);

version = get_kb_item(string("www/", port, "/content/webc.cgi/version"));
if(version)
{
 if(ereg(pattern:"([0-4]\..*|5\.0([0-1][0-9])) ", string:version))
 	security_hole(port);
}
JSON