LocalWeb2000 2.1.0 Multiple Remote Vulnerabilities

This script is Copyright (C) 2002-2011 Jason Lidow <jason@brandx.net>


Synopsis :

The remote host is vulnerable to several information disclosure flaws.

Description :

The remote host is running LocalWeb2000.

Version 2.1.0 of LocalWeb2000 allows an attacker to view protected
files on the host's computer.

It may also disclose the NetBIOS name of the remote host when
it receives malformed directory requests.

Solution :

Contact http://www.intranet-server.co.uk for an update.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 11005 (localweb2k.nasl)

Bugtraq ID: 2268
4820
7947

CVE ID: CVE-2001-0189
CVE-2002-0897