Detections
Analytics
Easy Address Book Web Server Query Remote Format String
medium Nessus Plugin ID 22305
Language:
Synopsis
The remote web server is affected by a format string vulnerability.Description
It appears that the remote web server is affected by a remote format string issue. Using a specially crafted URL containing a format string specifier, an unauthenticated, remote attacker can crash the affected application and possibly execute arbitrary code on the remote host.Solution
Unknown at this time.See Also
https://www.securityfocus.com/archive/1/445262/30/0/threaded
Plugin Details
Severity: Medium
ID: 22305
File Name: eabws_arg_format_string.nasl
Version: 1.22
Type: remote
Family: CGI abuses
Published: 9/5/2006
Updated: 1/19/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.0
CVSS v2
Risk Factor: Medium
Base Score: 5.1
Temporal Score: 4.6
Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P
Vulnerability Information
Exploit Available: true
Exploit Ease: Exploits are available
Vulnerability Publication Date: 9/5/2006
Reference Information
CVE: CVE-2006-4654
BID: 19842