ws4e_too_long_url.nasl

漏洞扫描源码,可以扫描linux,windows,交换机路由器

#
# This script was written by Michel Arboi <arboi@alussinan.org>
#
# GNU Public Licence
#
# Some vulnerable servers:
# WebServer 4 Everyone v1.28
#
#
########################
# References:
########################
# From:"Tamer Sahin" <ts@securityoffice.net>
# To:bugtraq@securityfocus.com
# Subject: [SecurityOffice] Web Server 4 Everyone v1.28 Host Field Denial of Service Vulnerability
#
########################

if(description)
{
 script_id(11167);
 script_bugtraq_id(5967);
 script_cve_id("CVE-2002-1212");
 script_version ("$Revision: 38 $");
 
 name["english"] = "Webserver4everyone too long URL";
 name["francais"] = "URL trop longue dans Webserver4everyone";
 script_name(english:name["english"], francais:name["francais"]);
 
 desc["english"] = "
It may be possible to make Webserver4everyone execute
arbitrary code by sending it a too long url with 
the Host: field set to 127.0.0.1

Risk factor : High

Solution : Upgrade your web server.";

 desc["francais"] = "
Il serait possible de faire ex閏uter du code arbitraire