Paste2.org - Viewing Paste E6FbvMCm

include("compat.inc");
if(description)
{
script_id(990678);
script_version ("$Revision: 1.25 $");
#script_osvdb_id(562);
#script_cvs_date("$Date: 2013/01/25 01:19:07 $");
script_name(english:"Apache /awstats Information Disclosure");
script_set_attribute(attribute:"synopsis", value:
"The remote web server discloses information about visitors to the host.." );
script_set_attribute(attribute:"description", value:
"It is possible to obtain details of the visitors to the Apache web server
by requesting the URL '/awstats/'. This overview
includes information such as visitor counts, and requested URLs." );
script_set_attribute(attribute:"see_also", value:"http://awstats.sourceforge.net/docs/awstats_setup.html" );
script_set_attribute(attribute:"solution", value:
"Limit access to /awstats by enforcing IP restrictions or authentication." );
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
#script_set_attribute(attribute:"plugin_publication_date", value: "2001/05/28");
#script_set_attribute(attribute:"vuln_publication_date", value: "1999/01/01");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe",value:"cpe:/a:apache:http_server");
script_end_attributes();
summary["english"] = "Requests /awstats/";
script_summary(english:summary["english"]);
script_category(ACT_GATHER_INFO);
#script_copyright(english:"This script is Copyright (C) 2001-2013 StrongHoldNet");
family["english"] = "Web Servers";
script_family(english:family["english"]);
script_dependencie("find_service1.nasl", "http_version.nasl");
script_require_ports("Services/www", 80);
script_require_keys("www/apache");
exit(0);
}
#
# The script code starts here
#
include("global_settings.inc");
include("http_func.inc");
include("http_keepalive.inc");
port = get_http_port(default:80);
str = "AWStats";
if(get_port_state(port) )
{
buffer = http_get(item:"/awstats/", port:port);
data = http_keepalive_send_recv(port:port, data:buffer);
if( str >< data )
{
security_warning(port);
}
}