Unify eWave ServletExec 3.0C UploadServlet Unprivileged File Upload

high Nessus Plugin ID 10570

Synopsis

Arbitrary files may be overwritten on the remote host.

Description

ServletExec ships a servlet called 'UploadServlet' in its server-side classes. When UploadServlet can be invoked, it allows an attacker to upload any file to any directory on the server. The uploaded file may contain code that can later be executed on the server, leading to remote command execution.

Solution

Remove UploadServlet from the server.

Plugin Details

Severity: High

ID: 10570

File Name: ewave_servlet_upload.nasl

Version: 1.25

Type: remote

Family: CGI abuses

Published: 12/19/2000

Updated: 1/19/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Vulnerability Publication Date: 10/31/2000

Reference Information

CVE: CVE-2000-1024

BID: 1876