 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 10253 |
| Category: | CGI abuses |
| Title: | Cobalt siteUserMod cgi |
| Summary: | NOSUMMARY |
| Description: | Description: The Cobalt 'siteUserMod' CGI is installed. Older versions of this CGI allow any user to change the administrator password. Make sure you are running the latest version. Solution : RaQ 1 Users, download : ftp://ftp.cobaltnet.com/ pub/experimental/security/siteUserMod/RaQ1-Security-3.6.pkg RaQ 2 Users, download : ftp://ftp.cobaltnet.com/ pub/experimental/security/siteUserMod/RaQ2-Security-2.94.pkg RaQ 3 Users, download : ftp://ftp.cobaltnet.com/ pub/experimental/security/siteUserMod/RaQ3-Security-2.2.pkg Risk factor : High |
| Cross-Ref: |
BugTraq ID: 951 Common Vulnerability Exposure (CVE) ID: CVE-2000-0117 http://www.securityfocus.com/bid/951 Bugtraq: 20000127 Cobalt RaQ2 - a user of mine changed my admin password.. (Google Search) Bugtraq: 20000131 [ Cobalt ] Security Advisory -- 01.31.2000 (Google Search) XForce ISS Database: http-cgi-cobalt-passwords |
| Copyright | This script is Copyright (C) 1999 Renaud Deraison |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |