Mambo < 4.6.5 mos_user_template Local File Inclusion

medium Nessus Plugin ID 33479

Synopsis

The remote web server contains a PHP application that is affected by a local file include vulnerability.

Description

The version of Mambo installed on the remote host fails to properly check user input to the 'mos_user_template' cookie for directory traversal sequences before using it to include PHP code from a local file. An unauthenticated attacker may be able to exploit this issue to view arbitrary files or to execute arbitrary PHP code on the affected host.

Solution

Upgrade to Mambo 4.6.5 or later.

See Also

http://source.mambo-foundation.org/content/view/144/1/

Plugin Details

Severity: Medium

ID: 33479

File Name: mambo_mos_user_template_file_include.nasl

Version: 1.13

Type: remote

Family: CGI abuses

Published: 7/11/2008

Updated: 6/1/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Vulnerability Information

Required KB Items: www/mambo_mos

Excluded KB Items: Settings/disable_cgi_scanning