Family: Backdoors --> Category: infos
Post-Nuke Trojan Horse Vulnerability Scan
Vulnerability Scan Summary
Acertains if post-nuke is trojaned
Detailed Explanation for this Vulnerability Test
The remote host seems to be running a copy of a trojaned version of
the 'PostNuke' content management system.
Post-Nuke is a content management system in PHP whose main website has
been compromised between the 24th and 26th of October 2004. A possible hacker
modified some of the source code of the tool to execute arbitrary commands
remotely on the remote host, by passing arguments to the 'oops' parameter
of the file pnAPI.php.
Solution : Upgrade to the latest version of postnuke
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.