vqserver_admin_detect.nasl

漏洞扫描源码,可以扫描linux,windows,交换机路由器

#
# This script was written by Noam Rathaus <noamr@securiteam.com>
#
# See the Nessus Scripts License for details
#
# Changes by rd :
#	- french description
#	- solution
#	- script id

if(description)
{
 script_id(10354);
 script_bugtraq_id(1610);
 script_cve_id("CVE-2000-0766");
 script_version ("$Revision: 38 $");
 name["english"] = "vqServer administrative port";
 name["francais"] = "Port administratif de vqServer";
 
 script_name(english:name["english"], francais:name["francais"]);
 
 desc["english"] = "
vqSoft's vqServer administrative port is open. Brute force guessing of the 
username/password is possible, and a bug in versions 1.9.9 and below 
allows configuration file retrieval remotely.

For more information, see:
http://www.securiteam.com/windowsntfocus/Some_Web_servers_are_still_vulnerable_to_the_dotdotdot_vulnerability.html

Solution: close this port for outside access.

Risk factor : Medium";

 desc["francais"] = "
Le port administratif de vqServer de vqSoft est ouvert. Un pirate
peut tenter d'obtenir la combinaison login/password par force
brute, et un bug dans les version 1.9.9 et pr閏閐entes
permettent