Code: p1001 Severity: Notice
Description: This event is generated when an attempt is made to access nph-exploitscanget.cgi on an internal web server. This may indicate an attempt to exploit a cross-site scripting or policy bypass vulnerability in Exploit Labs Wood's Infinity Scan EZ 3.69 or The Infinity Project Infinity CGI Exploit Scanner 3.11 Beta. Impact: At the minimum, a bypass of scanning policies which may lead to a future compromise of the server. At the maximum, remote execution of arbitrary code on a client machine. Corrective: It is not known if these vulnerabilities have been patched or fixed in later versions. Contact the vendor for more information.
|
