CGI::Session File Driver CGISESSID Cookie Traversal Authentication Bypass

medium Nessus Plugin ID 33532

Synopsis

The remote web server hosts a PERL module that is affected by a directory traversal vulnerability.

Description

The remote host appears to be using the CGI::Session PERL module to manage file-based sessions.

The version of this module hosted by the remote web server fails to properly sanitize input to the session cookie of directory traversal sequences. An unauthenticated, remote attacker can leverage this issue on a Windows system to bypass session-based controls.

Solution

Upgrade to CGI::Session version 4.34 or later.

See Also

http://vuln.sg/cgisession433-en.html

http://vuln.sg/fswiki362session-en.html

https://fastapi.metacpan.org/source/MARKSTOS/CGI-Session-4.34/Changes

Plugin Details

Severity: Medium

ID: 33532

File Name: cgi_session_dir_traversal.nasl

Version: 1.19

Type: remote

Family: CGI abuses

Published: 7/18/2008

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Vulnerability Information

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

BID: 30267

SECUNIA: 31117