📄 ewave_servlet_upload.nasl

📁 漏洞扫描源码,可以扫描linux,windows,交换机路由器

💻 NASL

字号:

## This script was written by Matt Moore <matt.moore@westpoint.ltd.uk>## See the Nessus Scripts License for details#if(description){ script_id(10570); script_bugtraq_id(1876); script_version ("$Revision: 116 $"); script_cve_id("CVE-2000-1024"); name["english"] = "Unify eWave ServletExec 3.0C file upload"; name["francais"] = "Unify eWave ServletExec 3.0C file upload"; script_name(english:name["english"], francais:name["francais"]);  desc["english"] = "ServletExec has a servlet called 'UploadServlet' in its serverside classes. UploadServlet, when invokable, allows anattacker to upload any file to any directory on the server. Theuploaded file may have code that can later be executed on theserver, leading to remote command execution.Solution : Remove itRisk factor : High";  script_description(english:desc["english"]);  summary["english"] = "Unify eWave ServletExec 3.0C file upload"; summary["francais"] = "Unify eWave ServletExec 3.0C file upload";  script_summary(english:summary["english"], francais:summary["francais"]);  script_category(ACT_GATHER_INFO);  script_copyright(english:"This script is Copyright (C) 2000 Matt Moore",		francais:"Ce script est Copyright (C) 2000 Matt Moore"); family["english"] = "CGI abuses"; family["francais"] = "Abus de CGI"; script_family(english:family["english"], francais:family["francais"]); script_dependencie("http_version.nasl"); script_require_ports("Services/www", 80); exit(0);}# Check starts hereinclude("http_func.inc");include("http_keepalive.inc");include("global_settings.inc");if ( report_paranoia < 2 ) exit(0);port = get_http_port(default:80);res = is_cgi_installed_ka(item:"/servlet/openvas." + string(rand(),rand(), rand()), port:port);if ( res ) exit(0);res = is_cgi_installed_ka(item:"/servlet/com.unify.servletexec.UploadServlet", port:port);if(res){ security_hole(port);}

⌨️ 快捷键说明

复制代码 Ctrl + C

搜索代码 Ctrl + F

全屏模式 F11

切换主题 Ctrl + Shift + D

显示快捷键 ?

增大字号 Ctrl + =

减小字号 Ctrl + -