Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

Cerberus Helpdesk rpc.php Information Disclosure Vulnerability Vulnerability Scan


Vulnerability Scan Summary
Gets requestors for a Cerberus ticket

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a PHP script that is affected by an
information disclosure issue.

Description :

The remote host is running Cerberus Helpdesk, a web-based helpdesk
suite written in PHP.

The installed version of Cerberus Helpdesk on the remote host allows
an unauthenticated attacker to retrieve information about ticket
requesters through the 'rpc.php' script.

See also :

http://forum.cerberusweb.com/showthread.php?t=7922

Solution :

Patch the affected file as described in the forum thread referenced
above.

Threat Level:

Low / CVSS Base Score : 2.3
(AV:R/AC:L/Au:NR/C:P/I:N/A:N/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.