Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Ocean12 ASP Calendar Administrative Interface Access

High

Synopsis

The remote host is vulnerable to a flaw that allows for the bypassing of authentication.

Description

The remote host is running Ocean12 ASP Calendar, a web based application written in ASP.

There is a flaw in the remote software that may allow anyone to execute admnistrative commands on the remote host by requesting the page /admin/main.asp.

An attacker may exploit this flaw to deface the remote site without any credentials.

Solution

No solution is known at this time.