Nessus Plugin #10831

Plugin Index

Note: This file has been created from a downloaded version of the Nessus Plugins from http://www.nessus.org/. Therefore, the information here can be outdated.

PHP Rocket Add-in File Traversal

Family:
CGI abuses
Category:
infos
Copyright:
This script is Copyright (C) 2001 H D Moore & Drew Hintz ( http://guh.nu )
Summary:
Looks for a directory traversal vulnerability in the PHP Rocket Add-in for FrontPage.
Version:
$Revision: 1.10 $
Cve_id:
CAN-2001-1204
Bugtraq_id:
3751
Xrefs:
-
Description:

There is a vulnerability in the PHP Rocket Add-in for FrontPage
that allows a remote attacker to view the contents of any arbitrary
file to which the web user has access. This vulnerability exists
because the PHP Rocket Add-in does not filter out ../ and is therefore
susceptible to this directory traversal attack.

More Information: http://www.securityfocus.com/bid/3751

Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.