| VID |
28117 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of Hosting Controller which is older than version 6.1 Hotfix 2.2 is detected as installed on the host. Hosting Controller is a Web hosting automation tool for Microsoft Windows platforms. Hosting Controller versions prior to 6.1 Hotfix 2.2 are vulnerable to multiple vulnerabilities, which can be exploited by a remote attacker to gain knowledge of sensitive information, conduct SQL injection attacks, cause a DoS (Denial of Service), or gain escalated privileges.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://hostingcontroller.com/english/logs/hotfixlogv61_2_2.html
http://secunia.com/advisories/15975/
http://securitytracker.com/alerts/2005/Jul/1014477.html
http://www.securitytracker.com/alerts/2005/Jul/1014501.html
* Platforms Affected:
HostingController.com, Hosting Controller versions prior to 6.1 Hotfix 2.2
Microsoft Windows Any version |
| Recommendation |
Upgrade to the Hosting Controller version 6.1 and apply the latest Hotfix (2.2 or later), available from the Hosting Controller Web site at http://www.hostingcontroller.com |
| Related URL |
(CVE) |
| Related URL |
14258,14283 (SecurityFocus) |
| Related URL |
21391,21392,21393,21402,21401,21404 (ISS) |
|
