Signature Detail

Short Name	HTTP:CGI:EASYNEWS-ADMIN1
Severity	Low
Recommended	No
Category	HTTP
Release Date	2003/04/22
Update Number	1213
Supported Platforms	di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: EasyNews

This signature detects attempts to exploit a known vulnerability in EasyNews, a text-based Internet news posting system. Attackers can access scripts (due to improper permission checking) and gain admin privileges.

Extended Description

Remote attackers can exploit this vulnerability to show all passwords of members and administrators, and access administrator scripts without administrator access.

References

URL: http://online.securityfocus.com/archive/82/275740/2002-06-03/2002-06-09/0

Signature Detail

Short Name

Severity

Recommended

Category

Release Date

Update Number

Supported Platforms

HTTP: EasyNews

Extended Description

References