|
|
Family: CGI abuses --> Category: infos
RiSearch Arbitrary File Access Vulnerability Scan
Vulnerability Scan Summary
Acertains the presence of RiSearch show.pl
Detailed Explanation for this Vulnerability Test
The remote host seems to be running RiSearch, a local search engine.
This version contains a flaw that may lead to an unauthorized
information disclosure. The issue is triggered when an arbitary
local file path is passed to show.pl, which will disclose the
file contents resulting in a loss of confidentiality.
A possible hacker, exploiting this flaw, would be able to gain access
to potentially confidential files which would be useful in
elevating rights on the remote machine.
Solution : Upgrade to the latest version of this software.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
