|
Family: CGI abuses --> Category: attack
EasyDynamicPages edp_relative_path Parameter Remote File Include Vulnerability Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of EasyDynamicPages
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP script that is affected by a
remote file include vulnerability.
Description :
The remote host is running EasyDynamicPages, a set of PHP scripts
designed to help web publication.
It is possible with this suite to make the remote host include PHP
files hosted on a third party server. A possible hacker may use this flaw
to inject arbitrary code in the remote host and gain a shell with the
rights of the web server.
See also :
http://archives.neohapsis.com/archives/bugtraq/2004-01/0005.html
Solution :
Unknown at this time.
Threat Level:
Medium / CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|