|
Family: CGI abuses --> Category: infos
Basilix Webmail Dummy Request Vulnerability Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of basilix.php3
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP script that is prone to information
disclosure.
Description :
The script 'basilix.php3' is installed on the remote web server. Some
versions of this webmail software allow the users to read any file on
the system with the permission of the webmail software, and execute any
PHP.
See also :
http://archives.neohapsis.com/archives/bugtraq/2001-07/0114.html
Solution :
Update Basilix or remove DUMMY from lang.inc.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|