Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> CGI abuses >> Ocean12 Database Download

Vulnerability Assessment Details

Ocean12 Database Download

Vulnerability Assessment Summary
Checks for Ocean12 guestbook

Detailed Explanation for this Vulnerability Assessment

The remote server is running Ocean12 GuestBook, a set of scripts
to manage an interactive guestbook.

A possible hacker may download the database 'o12guest.mdb'
and use it to extract the password of the admninistrator
of these CGIs.

Solution : Block the download of .mdb files from your web server.
Network Security Threat Level: Medium

Networks Security ID: 7328

Vulnerability Assessment Copyright: This script is Copyright (C) 2003 Renaud Deraison

Cables, Connectors


No Discussions have been posted on this vulnerability.