Nessus Plugin #16203
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
vBulletin Init.PHP unspecified vulnerability
- Family:
- CGI abuses
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2005 David Maciejak
- Summary:
- Checks the version of vBulletin
- Version:
- $Revision: 1.2 $
- Cve_id:
- -
- Bugtraq_id:
- 12299
- Xrefs:
- -
- Description:
The remote host is running vBulletin, a web based bulletin board system written
in PHP.
The remote version of this software is vulnerable to an unspecified issue. It is
reported that versions 3.0.0 through to 3.0.4 are prone to a security flaw
in 'includes/init.php'. Successful exploitation requires that 'register_globals'
is enabled.
*** As Nessus solely relied on the banner of the remote host
*** this might be a false positive
See also : http://secunia.com/advisories/13901/
Solution : Upgrade to vBulletin 3.0.5 or newer
Risk factor : Medium
Generiert am 27.04.2005 um 18:49:54 Uhr.