kbwebserver_percent00.nasl

来自「漏洞扫描源码,可以扫描linux,windows,交换机路由器」· NASL 代码 · 共 32 行

#
# This script was written by Michel Arboi <arboi@alussinan.org> starting
# from roxen_percent.nasl
#
# GNU Public Licence
#
# References:
# From:"Securiteinfo.com" <webmaster@securiteinfo.com>
# To:nobody@securiteinfo.com
# Date: Sun, 7 Jul 2002 21:42:47 +0200 
# Message-Id: <02070721424701.01082@scrap>
# Subject: [VulnWatch] KF Web Server version 1.0.2 shows file and directory content
#

if(description)
{
 script_id(11166);
 script_version ("$Revision: 38 $");
 name["english"] = "KF Web Server /%00 bug";
 
 script_name(english:name["english"]);
 
 desc["english"] = "
Requesting a URL with '/%00' appended to it
makes some versions of KF Web Server to dump the listing of the  
directory, thus showing potentially sensitive files.

Risk factor : High
Solution : upgrade to the latest version of KF Web Server";

 desc["francais"] = "Demander une URL finissant par '/%00' 
force certaines versions de KF Web Server