|
|
Family: CGI abuses --> Category: infos
Post-Nuke information disclosure (2) Vulnerability Scan
Vulnerability Scan Summary
Determine if a remote host is vulnerable to the opendir.php vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is running post-nuke. It is possible to use it
to acertain the full path to its installation on the server
or the name of the database used, by doing a request like :
/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=
A possible hacker may use these flaws to gain a more intimate knowledge
of the remote host.
Solution : Change the members list rights to admins only, or disable
the members list module completely
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|
