GEN:SID 1:2153
Message WEB-PHP autohtml.php directory traversal attempt
Summary This event is generated when a remote user attempts to access autohtml.php on a web server. This may indicate an attempt to exploit a directory traversal vulnerability in PHP-Proxima, a web site portal application.
Impact Information gathering.
Detailed Information This event may indicate an attempt to exploit a vulnerability in the autohtml.php script within PHP-Proxima. An attacker can use directory traversal techniques when accessing autohtml.php to view hidden files and directories on the web server with the access privileges of the server.
Affected Systems Any server running PHP-Proxima.
Attack Scenarios An attacker can use directory traversal techniques when executing autohtml.php to view directories and files on the web server.
Ease of Attack Simple. A proof of concept exists.
Corrective Action Comment out or remove the "include("autohtml/$name");" line from the autohtml.php script.
Additional References Bugtraq
http://www.securityfocus.com/bid/7598

Nessus
http://cgi.nessus.org/plugins/dump.php3?id=11630
Rule References nessus: 11630