GEN:SID | 1:2140 |
Message | WEB-PHP p-news.php access |
Summary | This event is generated when an attempt is made to access the p-news bulletin board.
|
Impact | Possible escalation of privilege.
|
Detailed Information | This event indicates that an attempt has been made to access the p-news bulletin board. The p-news application has a flaw that allows normal users to escalate their privilege level to that of the administrator by using a malformed username.
The attacker may be trying to gain administrator access.
|
Affected Systems | Any host using php.
|
Attack Scenarios | An attacker can take control of the application by supplying a specially crafted malformed username.
|
Ease of Attack | Simple.
|
Corrective Action | Check the php implementation on the host. Ensure all measures have been taken to deny access to sensitive files.
Apply the appropriate vendor patches.
Upgrade to the latest non-affected version of the software.
Check the host for signs of compromise.
|
Additional References | |
Rule References | nessus: 11669
|