This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.
The remote web server is affected by an information disclosure
The installed version of the NaviCOPA web server software on the
remote host returns the source of scripts hosted on it when '::$DATA'
is appended to the request URL. A remote attacker can leverage this
issue to view the source code of CGIs and possibly obtain passwords
and other sensitive information from this host.
Upgrade to NaviCOPA 3.01.2 from 17th September 2009 or later as that
reportedly addresses the issue.
Risk factor :
Medium / CVSS Base Score : 5.0
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 41646 ()
CVE ID: CVE-2009-3646