Detections
Analytics
SAXoPRESS pbcs.dll url Parameter Traversal Arbitrary File Access
medium Nessus Plugin ID 21230
Language:
Synopsis
The remote web server contains an application that is prone to directory traversal attacks.Description
The remote host is running SAXoPRESS or Publicus, web content management systems commonly used by newspapers.The installation of SAXoPRESS / Publicus on the remote host fails to validate user input to the 'url' parameter of the 'apps/pbcs.dll' script. An attacker can exploit this issue to access files on the remote host via directory traversal, subject to the privileges of the web server user id.
Solution
Unknown at this time.See Also
https://www.securityfocus.com/archive/1/430707/30/0/threaded
Plugin Details
Severity: Medium
ID: 21230
File Name: saxopress_url_dir_traversal.nasl
Version: 1.23
Type: remote
Family: CGI abuses
Published: 4/17/2006
Updated: 1/19/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.0
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.9
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
Vulnerability Information
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Ease: No exploit is required
Exploited by Nessus: true
Vulnerability Publication Date: 4/11/2006
Reference Information
CVE: CVE-2006-1771
BID: 17474