myServer Multiple Vulnerabilities
Low Nessus Network Monitor Plugin ID 2892
SynopsisThe remote host is running a vulnerable version of myServer.
DescriptionThe remote host is running myServer 0.8.0 or older. There is a flaw in the remote version of this software that may allow an attacker to list directories or execute a Cross-Site Scripting (XSS) attack. The first flaw would allow an attacker access to potentially confidential data via a directory listing. The second flaw would require the attacker to be able to convince a user to browse a malicious URI. Successful exploitation would result in the attacker being able to retrieve potentially confidential data (such as authentication cookies).
SolutionUpgrade or patch according to vendor recommendations.