Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2004 Michel ArboiOPENVAS:136141256231010049
HistoryNov 03, 2005 - 12:00 a.m.

Count.cgi

2005-11-0300:00:00
Copyright (C) 2004 Michel Arboi
plugins.openvas.org
21

AI Score

6.8

Confidence

Low

EPSS

0.09

Percentile

94.6%

JSON

An old version of

# SPDX-FileCopyrightText: 2004 Michel Arboi
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.10049");
  script_version("2023-08-01T13:29:10+0000");
  script_tag(name:"last_modification", value:"2023-08-01 13:29:10 +0000 (Tue, 01 Aug 2023)");
  script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/128");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_cve_id("CVE-1999-0021");
  script_name("Count.cgi");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2004 Michel Arboi");
  script_family("Web application abuses");
  script_dependencies("find_service.nasl", "no404.nasl", "webmirror.nasl", "DDI_Directory_Scanner.nasl", "global_settings.nasl");
  script_require_ports("Services/www", 80);
  script_exclude_keys("Settings/disable_cgi_scanning");

  script_tag(name:"solution", value:"Upgrade to wwwcount 2.4 or later.");

  script_tag(name:"summary", value:"An old version of 'Count.cgi' cgi is installed.
  It has a well known security flaw that lets anyone execute arbitrary
  commands with the privileges of the http daemon (root, www, nobody...)");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"remote_banner");

  exit(0);
}

include("http_func.inc");
include("http_keepalive.inc");
include("port_service_func.inc");
include("list_array_func.inc");

port = http_get_port( default:80 );

foreach dir( make_list_unique( "/", http_cgi_dirs( port:port ) ) ) {

  if( dir == "/" )
    dir = "";

  url = strcat( dir, "/Count.cgi?align=topcenter" );

  req = http_get( port:port, item:url );
  res = http_keepalive_send_recv( port:port, data:req );

  res = strstr( res, "Count.cgi " );
  if( res && ereg( string:res, pattern:".*Count\.cgi +([01]\.[0-9]+|2\.[0-3]+)" ) ) {
    report = http_report_vuln_url( port:port, url:url );
    security_message( port:port, data:report );
    exit( 0 );
  }
}

exit( 99 );

Related

cve 2
seebug 1
cvelist 2
nessus 1
exploitdb 1
nvd 1
cve
cve
CVE-1999-0021
1999-09-29 04:00:00
CVE-1999-1590
2006-12-03 11:00:00
seebug
seebug
Count.cgi(wwwcount)θΏœη¨‹ηΌ“ε†²εŒΊζΊ’ε‡ΊζΌζ΄ž
2008-10-25 00:00:00
cvelist
cvelist
CVE-1999-0021
1999-09-29 04:00:00
CVE-1999-1590
2006-12-03 11:00:00
nessus
nessus
wwwcount Count.cgi Remote Overflow
1999-06-22 00:00:00
exploitdb
exploitdb
Muhammad A. Muquit wwwcount 2.3 - 'Count.cgi' Remote Buffer Overflow
1997-10-16 00:00:00
nvd
nvd
CVE-1999-1590
1999-12-31 05:00:00

AI Score

6.8

Confidence

Low

EPSS

0.09

Percentile

94.6%

JSON
Related for OPENVAS:136141256231010049
cve2seebug1cvelist2nessus1exploitdb1nvd1