|
Family: General --> Category: infos
osTicket Backdoored Vulnerability Scan
Vulnerability Scan Summary Detect osTicker Backdoored
Detailed Explanation for this Vulnerability Test
There is a vulnerability in the current version of osTicket
that allows a possible hacker to upload an PHP script, and then access it
causing it to execute.
This attack is being actively exploited by attackers to take over
servers. This script tries to detect infected servers.
Solution:
1) Remove any PHP files from the /attachments/ directory.
2) Place an index.html file there to prevent directory listing of that
directory.
3) Upgrade osTicket to the latest version.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|