Zeus < 3.3.5a Web Server Null Byte Request CGI Source Disclosure
Medium Nessus Network Monitor Plugin ID 1447
SynopsisThe remote host is vulnerable to a flaw which allows attackers to retrieve sensitive files.
DescriptionThe remote host is running the Zeus WebServer. Version 3.1.x to 3.3.5 of this web server are vulnerable to a bug which allows an attacker to view the source code of all the CGI scripts installed, and possibly steal credentials from them.
SolutionUpgrade to Zeus Web Server 3.3.5a or higher