Glimpse HTTP aglimpse Arbitrary Command Execution

high Nessus Plugin ID 10095

Synopsis

The remote web server is running a web application that is affected by an arbitrary command execution vulnerability.

Description

The remote web server is running GlipmseHTTP. The installed version suffers from a remote command execution vulnerability in the 'aglimpse' component.

Note that we could not actually check for the presence of this vulnerability, and only checked for the existence of the 'aglimpse' CGI.

Solution

There is no known solution at this time.

Plugin Details

Severity: High

ID: 10095

File Name: glimpse.nasl

Version: 1.33

Type: remote

Family: CGI abuses

Published: 8/19/1999

Updated: 1/19/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Vulnerability Publication Date: 7/2/1997

Reference Information

CVE: CVE-1999-0147

BID: 2026

Detections

Analytics