Nessus Plugin #10803
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
Redhat Stronghold File System Disclosure
- Family:
- CGI abuses
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2001 Felix Huber
- Summary:
- Redhat Stronghold File System Disclosure
- Version:
- $Revision: 1.12 $
- Cve_id:
- CAN-2001-0868
- Bugtraq_id:
- -
- Xrefs:
- -
- Description:
Redhat Stronghold Secure Server File System Disclosure Vulnerability
The problem:
In Redhat Stronghold from versions 2.3 up to 3.0 a flaw exists that
allows a remote attacker to disclose sensitive system files including
the httpd.conf file, if a restricted access to the server status
report is not enabled when using those features.
This may assist an attacker in performing further attacks.
By trying the following urls, an attacker can gather sensitive
information:
http://target/stronghold-info will give information on configuration
http://target/stronghold-status will return among other information
the list of request made
Please note that this attack can be performed after a default
installation. The vulnerability seems to affect all previous version
of Stronghold.
Vendor status:
Patch was released (November 19, 2001)
Risk factor : Medium
Generiert am 27.04.2005 um 18:49:54 Uhr.