thttpd_directory_traversal.nasl

漏洞扫描源码,可以扫描linux,windows,交换机路由器

#  This script was written by David Maciejak <david dot maciejak at kyxar dot fr>
#  based on work from
#  (C) Tenable Network Security
#
# This script is released under the GNU GPLv2

if(description)
{
 script_id(14229);
 script_cve_id("CVE-2004-2628");
 script_bugtraq_id(10862);
 if (defined_func("script_xref")) {
   script_xref(name:"OSVDB", value:"8372");
 }
 script_version ("$Revision: 38 $");
 
 name["english"] = "HTTP Directory Traversal (Windows)";
 name["francais"] = "Faille de thttpd";
 script_name(english:name["english"], francais:name["francais"]);
 
 desc["english"] = "
The remote web server is vulnerable to a path traversal vulnerability.

An attacker may exploit this flaw to read arbitrary files on the remote
system with the privileges of the http process.

Solution : upgrade your web server or change it.
Risk factor : High";

 desc["francais"] = "Le serveur HTTP distant
permet