|
Family: CGI abuses --> Category: attack
Limbo CMS Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks for multiple vulnerabilities in Limbo
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that is affected by
numerous vulnerabilities.
Description :
The remote host is running Limbo CMS, a content-management system
written in PHP.
The remote version of this software is vulnerable to several flaws
including :
- If register_globals is off and Limbo is configured to use a MySQL
backend, then an SQL injection is possible due to improper
sanitization of the '_SERVER[REMOTE_ADDR]' parameter.
- The installation path is revealed when the 'doc.inc.php',
'element.inc.php', and 'node.inc.php' files are reqeusted when
PHP's 'display_errors' setting is enabled.
- An XSS attack is possible when the Stats module is used due to
improper sanitization of the '_SERVER[REMOTE_ADDR]' parameter.
- Arbitrary PHP files can be retrieved via the 'index2.php' script
due to improper sanitation of the 'option' parameter.
- A possible hacker can run arbitrary system commands on the remote
system via a combination of the SQL injection and directory
transversal attacks.
See also :
http://www.securityfocus.com/archive/1/419470
Solution :
Apply the patch http://www.limbo-cms.com/downs/patch_1_0_4_2.zip
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|