This script is Copyright (C) 2009-2011 Tenable Network Security, Inc.
The remote web server is affected by an information disclosure
The version of the NaviCOPA web server software running on the remote
host returns the source of scripts hosted on it if the URL ends in a
dot ('.'). A remote attacker can leverage this issue to view the
source code of CGIs and possibly obtain passwords and other sensitive
information from this host.
See also :
Upgrade to NaviCOPA 3.01 from 6th February 2009 or later as that
reportedly addresses the issue.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 35588 ()
Bugtraq ID: 33585