GEN:SID | 1:2153 |
Message | WEB-PHP autohtml.php directory traversal attempt |
Summary | This event is generated when a remote user attempts to access autohtml.php on a web server. This may indicate an attempt to exploit a directory traversal vulnerability in PHP-Proxima, a web site portal application.
|
Impact | Information gathering.
|
Detailed Information | This event may indicate an attempt to exploit a vulnerability in the autohtml.php script within PHP-Proxima. An attacker can use directory traversal techniques when accessing autohtml.php to view hidden files and directories on the web server with the access privileges of the server.
|
Affected Systems | Any server running PHP-Proxima.
|
Attack Scenarios | An attacker can use directory traversal techniques when executing autohtml.php to view directories and files on the web server.
|
Ease of Attack | Simple. A proof of concept exists.
|
Corrective Action | Comment out or remove the "include("autohtml/$name");" line from the autohtml.php script.
|
Additional References | Bugtraq http://www.securityfocus.com/bid/7598
Nessus http://cgi.nessus.org/plugins/dump.php3?id=11630
|
Rule References | nessus: 11630
|