|
|
Family: CGI abuses --> Category: infos
Advanced Poll info.php Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of info.php
Detailed Explanation for this Vulnerability Test
The remote host is running Chien Kien Uong's Advanced Poll,
a simple Poll system using PHP.
By default, this utility includes two files called info.php,
located in [path to poll]/db/misc/info.php and
[path to poll]/text/misc/info.php.
This files make a call to phpinfo() which display a lot of information
about the remote host and how PHP is configured.
A possible hacker may use this flaw to gain a more intimate knowledge
about the remote host and better prepare its attacks.
Solution : Delete these two files
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|
