How to Buy
This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
The remote web server is affected by an information disclosure
The installed version of the NaviCOPA web server software on the
remote host returns the source of scripts hosted on it when '::$DATA'
is appended to the request URL. A remote attacker can leverage this
issue to view the source code of CGIs and possibly obtain passwords
and other sensitive information from this host.
Upgrade to NaviCOPA 3.01.2 from 17th September 2009 or later as that
reportedly addresses the issue.
Risk factor :
Medium / CVSS Base Score : 5.0
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 41646 ()
CVE ID: CVE-2009-3646
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.