VULHUB ™

A vulnerability in Infinity CGI Exploit Scanner may allow an attacker to bypass established host scanning policies. Infinity CGI Exploit Scanner allows administrators to restrict specific web sites from being scanned. However, due to an input validation error in the pattern matching of hostnames, a normally restricted site, containing a wildcard DNS "A" record, may still be scanned. This will effectively bypass the established host scanning policy and scan the forbidden site.

A vulnerability in Infinity CGI Exploit Scanner may allow an attacker to bypass established host scanning policies. Infinity CGI Exploit Scanner allows administrators to restrict specific web sites from being scanned. However, due to an input validation error in the pattern matching of hostnames, a normally restricted site, containing a wildcard DNS "A" record, may still be scanned. This will effectively bypass the established host scanning policy and scan the forbidden site.