Vulnerability found on port www (80/tcp)
There is a buffer overflow in the remote
htimage.exe cgi when it is given the request :
/cgi-bin/htimage.exe/AAAA[....]AAA?0,0
An attacker may use it to execute arbitrary code
on this host.
Solution : delete it
Risk factor : High
CVE : CAN-2000-0256
Is there anything that tickles your memory Renaud? This report was generated from a cvs build that is ~1mo old.
David
-- I may have the information you need and I may choose only HTML. It's up to you. Disclaimer: I am not responsible for any email that you send me nor am I bound to any obligation to deal with any received email in any given fashion. If you send me spam or a virus, I may in whole or part send you 50,000 return copies of it. I may also publically announce any and all emails and post them to message boards, news sites, and even parody sites. I may also mark them up, cut and paste, print, and staple them to telephone poles for the enjoyment of people without internet access. This is not a confidential medium and your assumption that your email can or will be handled confidentially is akin to baring your backside, burying your head in the ground, and thinking nobody can see you butt nekkid and in plain view for miles away. Don't be a cluebert, buy one from K-mart today.
