WebConnect Multiple Remote Vulnerabilities (deprecated)

High Nessus Network Monitor Plugin ID 2639


The remote host is vulnerable to multiple attack vectors.


The remote host is running OpenConnect WebConnect. WebConnect is a web-based graphical user interface that gives remote users console access to mainframe, midrange, and Unix systems. WebConnect can be used to launch a Java-based telnet console that communicates over the HTTP protocol. This version of WebConnect is vulnerable to several remote attacks. The impact of the attack ranges from Denial of Service (DoS) to data compromise. An attacker exploiting these flaws would only need to be able to send HTTP requests to the web server. Successful exploitation would result in compromise of data or loss of availability.


Upgrade or patch according to vendor recommendations.

Plugin Details

Severity: High

ID: 2639

Family: CGI

Published: 2005/02/22

Modified: 2016/09/08

Dependencies: 1442

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:U/RC:C


Base Score: 7.3

Temporal Score: 7.3


Temporal Vector: CVSS3#E:H/RL:U/RC:C

Reference Information

CVE: CVE-2004-0466, CVE-2004-0465

BID: 12613