|
|
Family: CGI abuses --> Category: attack
Mambo Open Source < 4.5.2.3 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple vulnerabilities in Mambo Open Source < 4.5.2.3
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that is affected by
multiple issues.
Description :
The installed version of Mambo Open Source on the remote host suffers
from the following flaws :
- Session ID Spoofing Vulnerability
An unspecified flaw in the script 'administrator/index3.php'
can be exploited to spoof session IDs.
- Local File Disclosure Vulnerability
The 'includes/DOMIT/testing_domit.php' script may be used
to read the contents of local files such as Mambo's
configuration file, which holds database credentials.
- A SQL Injection Vulnerability
The application fails to properly sanitize user-supplied
input to the 'user_rating' parameter of the
'components/com_content/content.php' script before using
it in SQL statements.
- Multiple Unspecified Injection Vulnerabilities
Various class 'check' methods fail to properly
sanitize input, although it's unknown precisely
what dangers these flaws present.
See also :
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034575.html
http://mamboforge.net/frs/download.php/6153/CHANGELOG
Solution :
Upgrade to Mambo version 4.5.2.3 or greater.
Threat Level:
Medium / CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:P/A:N/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
