CGI abuses : WHM AutoPilot Multiple Vulnerabilities

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.16070

Category: CGI abuses

Title: WHM AutoPilot Multiple Vulnerabilities

Summary: Determines if WHM AutoPilot can include third-party files

Description:
The remote web server is running WHM AutoPilot, a script designed to
administer a web-hosting environment.

The remote version of this software is vulnerable to various flaws which
may allow an attacker to execute arbitrary commands on the remote host.

Solution : Upgrade the newest version of this software
Risk factor : High

Cross-Ref: BugTraq ID: 12119
Common Vulnerability Exposure (CVE) ID: CVE-2004-1422
Bugtraq: 20041228 Multiple WHM Autopilot Vulnerabilities (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=110425620105529&w=2
http://www.gulftech.org/?node=research&article_id=00059-12272004
Bugtraq: 20041231 WHM AutoPilot Security Release [ Plus Upgrade Instructions ] (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=110451997904494&w=2
http://www.securityfocus.com/bid/12119
http://secunia.com/advisories/13673
XForce ISS Database: whm-autopilot-information-disclosure(18701)
http://xforce.iss.net/xforce/xfdb/18701
Common Vulnerability Exposure (CVE) ID: CVE-2004-1421
http://www.osvdb.org/12695
http://securitytracker.com/id?1012707
XForce ISS Database: whm-autopilot-php-file-include(18699)
http://xforce.iss.net/xforce/xfdb/18699
Common Vulnerability Exposure (CVE) ID: CVE-2004-1420
XForce ISS Database: whm-autopilot-header-xss(18700)
http://xforce.iss.net/xforce/xfdb/18700

Copyright This script is Copyright (C) 2004 Tenable Network Security

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.16070
Category:	CGI abuses
Title:	WHM AutoPilot Multiple Vulnerabilities
Summary:	Determines if WHM AutoPilot can include third-party files
Description:	The remote web server is running WHM AutoPilot, a script designed to administer a web-hosting environment. The remote version of this software is vulnerable to various flaws which may allow an attacker to execute arbitrary commands on the remote host. Solution : Upgrade the newest version of this software Risk factor : High
Cross-Ref:	BugTraq ID: 12119 Common Vulnerability Exposure (CVE) ID: CVE-2004-1422 Bugtraq: 20041228 Multiple WHM Autopilot Vulnerabilities (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=110425620105529&w=2 http://www.gulftech.org/?node=research&article_id=00059-12272004 Bugtraq: 20041231 WHM AutoPilot Security Release [ Plus Upgrade Instructions ] (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=110451997904494&w=2 http://www.securityfocus.com/bid/12119 http://secunia.com/advisories/13673 XForce ISS Database: whm-autopilot-information-disclosure(18701) http://xforce.iss.net/xforce/xfdb/18701 Common Vulnerability Exposure (CVE) ID: CVE-2004-1421 http://www.osvdb.org/12695 http://securitytracker.com/id?1012707 XForce ISS Database: whm-autopilot-php-file-include(18699) http://xforce.iss.net/xforce/xfdb/18699 Common Vulnerability Exposure (CVE) ID: CVE-2004-1420 XForce ISS Database: whm-autopilot-header-xss(18700) http://xforce.iss.net/xforce/xfdb/18700
Copyright	This script is Copyright (C) 2004 Tenable Network Security