OpenVMS WASD HTTP Server Multiple Vulnerabilities

This script is Copyright (C) 2005-2011 Tenable Network Security, Inc.


Synopsis :

The remote host has an application that may allow arbitrary code
execution on the remote system.

Description :

According to its banner, the remote host appears to be running WASD
HTTP server - a web server for the OpenVMS platform.

The remote version of this software is affected by various
vulnerabilities that may allow an attacker to execute arbitrary code
on the remote host.

Solution :

Upgrade to OpenVMS WASD 7.2.4, 8.0.1 or 8.1

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 17150 ()

Bugtraq ID: 5811

CVE ID: CVE-2002-1825