cvsweb_version.nasl

漏洞扫描源码,可以扫描linux,windows,交换机路由器

#
# This script was written by Noam Rathaus <noamr@securiteam.com>
#
# See the Nessus Scripts License for details
#
# Changes by rd :
# - script id
# - french desc.
# - more verbose report
# - hole -> warning
# 



if(description)
{
 script_id(10402);
 script_version ("$Revision: 38 $");
 
 name["english"] = "CVSWeb detection";
 name["francais"] = "Detection de CVSWeb";
 script_name(english:name["english"], francais:name["francais"]);
 
 
desc["english"] = "
CVSWeb is used by hosts to share programming source 
code. Some web sites are misconfigured and allow access
to their sensitive source code without any password protection. 
This plugin tries to detect the presence of a CVSWeb CGI and
when it finds it, it tries to obtain its version.

Risk factor : Low
Solution : Password protect the CGI if unauthorized access isn't wanted";



desc["francais"] = "
CVSWeb est utilis