Short Name |
HTTP:AUDIT:GENERIC-FMT-STR |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
Generic Format String in Url |
Release Date |
2005/03/09 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit an http server using common format strings. Attackers may gain complete control of the target host.
Sun Microsystems AnswerBook2 allows users to view Sun documentation through a web browser, and is available for Solaris. AnswerBook2 includes an administrative web interface. Reportedly, it is possible to access these scripts without authorization, and add a new administrative user of the AnswerBook2 system.