Family: CGI abuses --> Category: attack
Guestbook Script 'include_files' Parameter Remote File Include Vulnerability Scan
Vulnerability Scan Summary Tries to read /etc/passwd using Guestbook Script
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that is affected by
remote file include issues.
Description :
The remote host is running Guestbook Script, a free guestbook written
in PHP.
The version of Guestbook Script installed on the remote host fails to
sanitize input to the 'include_files' array parameter before using it
in a PHP 'include()' function in various scripts. Provided PHP's
'register_globals' setting is enabled, an unauthenticated attacker may
be able to exploit this issue to view arbitrary files on the remote
host or to execute arbitrary PHP code, possibly taken from third-party
hosts.
Note that the application must be running under PHP 5 for an attacker
to be able to include code from third-party hosts.
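The following PHP is an added illustration of the flaw class described above, not code from Guestbook Script itself: a constructed dispatcher that includes the files named in an 'include_files' array, shown first in the pattern the advisory describes (the array populated from the request by 'register_globals' and passed straight to include()), then in a hardened form that maps client-supplied names through a fixed allow-list and confirms the resolved path stays under a known directory. The module names, directory and function names are assumptions for the example.

```php
<?php
// Added example, not Guestbook Script's own code. Assumes a dispatcher that
// loads "module" files named in an include_files array.

// --- Vulnerable pattern (constructed): with register_globals=On, PHP fills
//     $include_files from the request, so each include() path is chosen by
//     the remote client (a local file, or on PHP 5 a remote URL).
function load_modules_vulnerable(array $include_files): void
{
    foreach ($include_files as $file) {
        include $file;          // client-controlled path reaches include()
    }
}

// --- Hardened pattern: short names map to files under one fixed directory;
//     anything not in the table is rejected and logged.
const MODULE_DIR = __DIR__ . '/modules';          // assumed layout
const ALLOWED_MODULES = [                          // assumed module set
    'header'  => 'header.php',
    'entries' => 'entries.php',
    'footer'  => 'footer.php',
];

function resolve_module(string $name): ?string
{
    if (!isset(ALLOWED_MODULES[$name])) {
        return null;                               // unknown name: refuse
    }
    $base = realpath(MODULE_DIR);
    $path = realpath(MODULE_DIR . '/' . ALLOWED_MODULES[$name]);
    // realpath() resolves symlinks and '..'; the file must still sit inside MODULE_DIR
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

function load_modules_hardened(array $requested): array
{
    $loaded = [];
    foreach ($requested as $name) {
        $path = resolve_module((string) $name);
        if ($path === null) {
            // a rejected entry is worth logging: it is a signal for detection
            error_log('rejected include_files entry: ' . var_export($name, true));
            continue;
        }
        include $path;
        $loaded[] = $path;
    }
    return $loaded;
}

// Never depend on register_globals: read the parameter explicitly and fall
// back to the full allow-list when it is absent or malformed.
$requested = (isset($_GET['include_files']) && is_array($_GET['include_files']))
    ? $_GET['include_files']
    : array_keys(ALLOWED_MODULES);
load_modules_hardened($requested);
```

The allow-list is what removes the vulnerability; the realpath() containment check is defence in depth against a mistake in the table. Independently of the application code, setting register_globals=Off and allow_url_include=Off in php.ini removes the two preconditions the advisory relies on (request-populated variables, and include() fetching from remote hosts), and a spike of rejected-entry log lines from the hardened loader is a simple detection hook for scanning of this parameter.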
See also :
http://downloads.securityfocus.com/vulnerabilities/exploits/Stadtaus-Guestbook-0504-rfi.pl
http://www.stadtaus.com/forum/t-2600.html
Solution :
Upgrade to Guestbook Script 1.9 or later.
Threat Level:
Medium / CVSS Base Score : 4.7
(AV:R/AC:L/Au:NR/C:P/I:P/A:N/B:N)