Test ID:	1.3.6.1.4.1.25623.1.0.10818
Category:	Web application abuses
Title:	Alchemy Eye HTTP Command Execution
Summary:	Alchemy Eye and Alchemy Network Monitor are network management; tools for Microsoft Windows. The product contains a built-in HTTP; server for remote monitoring and control. This HTTP server allows; arbitrary commands to be run on the server by a remote attacker.
Description:	Summary: Alchemy Eye and Alchemy Network Monitor are network management tools for Microsoft Windows. The product contains a built-in HTTP server for remote monitoring and control. This HTTP server allows arbitrary commands to be run on the server by a remote attacker. Solution: Either disable HTTP access in Alchemy Eye, or require authentication for Alchemy Eye. Both of these can be set in the Alchemy Eye preferences. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2001-0871 BugTraq ID: 3599 http://www.securityfocus.com/bid/3599 Bugtraq: 20011129 Rapid 7 Advisory R7-0001: Alchemy Eye HTTP Remote Command Execution (Google Search) http://marc.info/?l=bugtraq&m=100714173510535&w=2 CERT/CC vulnerability note: VU#220715 http://www.kb.cert.org/vuls/id/220715 XForce ISS Database: alchemy-http-dot-commands(7625) https://exchange.xforce.ibmcloud.com/vulnerabilities/7625 XForce ISS Database: alchemy-http-dot-variant(7626) https://exchange.xforce.ibmcloud.com/vulnerabilities/7626
Copyright	Copyright (C) 2001 HD Moore & Drew Hintz

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.