rich_media_ecommerce_stores_sensitive_information_insecurely.nasl

来自「漏洞扫描源码,可以扫描linux,windows,交换机路由器」· NASL 代码 · 共 71 行

NASL

71 行

## Script audit and contributions from Carmichael Security <http://www.carmichaelsecurity.com>#      Erik Anderson <eanders@carmichaelsecurity.com>#      Added BugtraqIDif(description){ script_id(10874); script_bugtraq_id(4172); script_version("$Revision: 38 $"); name["english"] = "Rich Media E-Commerce Stores Sensitive Information Insecurely"; script_name(english:name["english"]);  desc["english"] = "A security vulnerability in Rich Media's JustAddCommerce  allows attackers to gain sensitive client information by accessing a log file that is stored in an insecure mannerRisk factor : MediumSolution : contact the vendor for a patchSee also : http://www.securiteam.com/windowsntfocus/5XP0N0A6AU.html"; script_description(english:desc["english"]);  summary["english"] = "Rich Media E-Commerce Stores Sensitive Information Insecurely";  script_summary(english:summary["english"]);  script_category(ACT_GATHER_INFO);  script_copyright(english:"This script is Copyright (C) 2002 SecurITeam"); family["english"] = "CGI abuses"; script_family(english:family["english"]); script_dependencie("find_service.nes", "no404.nasl"); script_require_ports("Services/www", 80); exit(0);}include("http_func.inc");include("http_keepalive.inc");# Check starts herefunction check(req){  req = http_get(item:req, port:port);   buf = http_keepalive_send_recv(port:port, data:req);  if( buf == NULL ) exit(0);  if (("HttpPost Retry" >< buf) && ("checkouthtml" >< buf) && ("password" >< buf))  {   	security_warning(port:port);	exit(0);  } return(0);}port = get_http_port(default:80);if(!get_port_state(port))exit(0);check(req:"/rtm.log");foreach dir (cgi_dirs()){check(req:string(dir, "/rtm.log"));}

rich_media_ecommerce_stores_sensitive_information_insecurely.nasl - 源码说明

本页面展示了「漏洞扫描源码,可以扫描linux,windows,交换机路由器」中的 rich_media_ecommerce_stores_sensitive_information_insecurely.nasl 源码文件，采用 NASL 编程语言编写，共 71 行代码。您可以在线阅读完整代码内容，也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与windows相关的技术资源，包括源代码、技术文档、电路图等，是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C

搜索代码Ctrl + F

全屏模式F11

增大字号Ctrl + =

减小字号Ctrl + -

显示快捷键?