Summary
vqSoft's vqServer administrative port is open. Brute force guessing of the username/password is possible, and a bug in versions 1.9.9 and below allows configuration file retrieval remotely.
For more information, see:
http://www.securiteam.com/windowsntfocus/Some_Web_servers_are_still_vulnerable_to_the_dotdotdot_vulnerability.html
Solution
close this port for outside access.
Severity
Classification
-
CVE CVE-2000-0766 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Extension Manager CS5 Insecure Library Loading Vulnerability (Win)
- Adobe AIR Multiple Vulnerabilities(APSB14-24)-(Mac OS X)
- Adobe AIR Multiple Vulnerabilities -01 Feb13 (Mac OS X)
- Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Linux)
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Windows)