Short Name |
HTTP:CGI:EASYNEWS-ADMIN1 |
---|---|
Severity |
Warning |
Recommended |
No |
Category |
HTTP |
Keywords |
EasyNews |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in EasyNews, a text-based Internet news posting system. Attackers can access scripts (due to improper permission checking) and gain admin privileges.
Remote attackers can exploit this vulnerability to show all passwords of members and administrators, and access administrator scripts without administrator access.