MetaInfo Web Server Traversal Arbitrary Command Execution

This script is Copyright (C) 1999-2016 Tenable Network Security, Inc.

Synopsis :

The remote host has a command execution vulnerability.

Description :

The remote MetaInfo web server (installed with MetaInfo's Sendmail or
MetaIP servers) has an arbitrary command execution vulnerability. It
is possible to read files or execute arbitrary commands by prepending
the appropriate number of '../' to the desired filename. A remote
attacker could exploit this to execute arbitrary commands on the

See also :

Solution :

Upgrade to the latest version of this software.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 9.5
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 10141 ()

Bugtraq ID: 110

CVE ID: CVE-1999-0268

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now