Signature Detail

HTTP: Ecommerce check.txt Access

This signature detects HTTP requests for "check.txt" in Mountain Network Systems Ecommerce software. The shopping cart software creates world-readable files in the Web server document tree that can be indexed by search engines.

Extended Description

Successful exploitation of this vulnerability would allow confidential information, such as credit card details, to be disclosed. The newly discovered information could be used to commit fraud or other malicious activity.

References

• CVE: CVE-1999-0610
• URL: http://archives.neohapsis.com/archives/bugtraq/1999_2/0264.html
• URL: http://www.juniper.net/security/auto/vulnerabilities/vuln2020.html