|
Family: CGI abuses --> Category: infos
Cerberus Helpdesk rpc.php Information Disclosure Vulnerability Vulnerability Scan
Vulnerability Scan Summary Gets requestors for a Cerberus ticket
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP script that is affected by an
information disclosure issue.
Description :
The remote host is running Cerberus Helpdesk, a web-based helpdesk
suite written in PHP.
The installed version of Cerberus Helpdesk on the remote host allows
an unauthenticated attacker to retrieve information about ticket
requesters through the 'rpc.php' script.
See also :
http://forum.cerberusweb.com/showthread.php?t=7922
Solution :
Patch the affected file as described in the forum thread referenced
above.
Threat Level:
Low / CVSS Base Score : 2.3
(AV:R/AC:L/Au:NR/C:P/I:N/A:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|