File: 2057.txt

package info (click to toggle)
snort 2.7.0-20.4
  • links: PTS
  • area: main
  • in suites: lenny
  • size: 34,512 kB
  • ctags: 18,772
  • sloc: ansic: 115,404; sh: 10,893; makefile: 1,372; perl: 487; sql: 213
file content (60 lines) | stat: -rw-r--r-- 907 bytes parent folder | download | duplicates (6)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Rule:

--
Sid:
2057

--
Summary:
helpout.exe.

--
Impact:
Denial of Service

--
Detailed Information:
It is possible to issue a denial of service to vulnerable versions of 
the WebSphere caching proxy by sending an illegitimate request to the 
cgi script helpout.exe.

scanner nessus to scan the server for possible exploit opportunities.

--
Affected Systems:
WebSphere caching proxy

--
Attack Scenarios:
The attacker merely needs to send a bad request to helpout.exe.

--
Ease of Attack:
Simple

--
False Positives:
None Known

--
False Negatives:
None Known

--
Corrective Action:
Upgrade to the latest non-vulnerable version of WebSphere caching proxy 
or disable the script helpout.exe.

--
Contributors:
Sourcefire Research Team
Brian Caswell <bmc@sourcefire.com>
Nigel Houghton <nigel.houghton@sourcefire.com>

--
Additional References:

Nessus:
http://cgi.nessus.org/plugins/dump.php3?id=11162

--