CGI abuses : Spyke Flaws

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 44979 CVE descriptions and 24808 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 11706

Category: CGI abuses

Title: Spyke Flaws

Summary: Checks for the presence of info.dat

Description:
The remote host is using Spyke - a web board written in PHP.

This board stores vital information in the file info.dat,
which may be downloaded by anyone. This file contains
the name of the administrator of the web site, as well as
its password.

Another flaw lets an attacker download any information about
any user simply by knowing their name.

Solution : None at this time.
Risk factor : Medium

Cross-Ref: BugTraq ID: 7856

Copyright This script is Copyright (C) 2003 Tenable Network Security

This is only one of 24808 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	11706
Category:	CGI abuses
Title:	Spyke Flaws
Summary:	Checks for the presence of info.dat
Description:	The remote host is using Spyke - a web board written in PHP. This board stores vital information in the file info.dat, which may be downloaded by anyone. This file contains the name of the administrator of the web site, as well as its password. Another flaw lets an attacker download any information about any user simply by knowing their name. Solution : None at this time. Risk factor : Medium
Cross-Ref:	BugTraq ID: 7856
Copyright	This script is Copyright (C) 2003 Tenable Network Security