AHG EZshopper Loadpage.cgi File List Disclosure Vulnerability

· Overview ·
· Origins ·
· Operation ·
· Detection and Removal ·
· Research ·

Overview

Summary:

 Provided with a directory name as a '', loadpage.cgi will list the content of current EZshopper directory. According to the returned information, attacker can open subdirectory or view some sensitive file contents like user's data files...

Category:

Exploit: A way of breaking into a system. An exploit takes advantage of a weakness in a system in order to hack it. Exploits are the root of the hacker culture. Hackers gain fame by discovering an exploit. Others gain fame by writing scripts for it. Legions of script-kiddies apply the exploit to millions of systems, whether it makes sense or not. Since people make the same mistakes over-and-over, exploits for very different systems start to look very much like each other. Most exploits can be classified under major categories: buffer overflow, directory climbing, defaults, Denial of Service.

Similar Pests:

 Exploit

Origins

Group:

 NSFOCUS Security Team

By This Group:

 Windows 9x NETBIOS password verification vulnerability ·

Date of Origin:

 December, 2000

Operation

Detection and Removal

Automatic Removal:

PestPatrol detects this.

PestPatrol removes this.

Research

More Info:
  • AllTheWeb, AltaVista, AOL Search, Ask Jeeves, Google, HotBot, Lycos, LookSmart, MSN, Yahoo!
    		•

    Research By:
  • PestPatrol's Pest Research Center
    		•

    Last Revised:

    		 July 20, 2004