FreePBX gen_amp_conf.php Information Disclosure

high Nessus Plugin ID 58088

Synopsis

A web application on the remote host is affected by an information disclosure vulnerability.

Description

By requesting the 'admin/modules/framework/bin/gen_amp_conf.php' script directly, an unauthenticated, remote attacker can discover all the configuration parameters, including the admin password, for the FreePBX installed on the remote host, thereby gaining administrative access to it.

Solution

Upgrade FreePBX to version 2.9.0 or later, with the most up-to-date core and framework modules.

Alternatively, update the Apache configuration on the server to prevent remote access to the affected script.

See Also

http://www.nessus.org/u?36cd0cc3

https://seclists.org/bugtraq/2012/Feb/75

http://www.nessus.org/u?8af42c16

Plugin Details

Severity: High

ID: 58088

File Name: freepbx_gen_amp_conf.nasl

Version: 1.10

Type: remote

Family: CGI abuses

Published: 2/22/2012

Updated: 6/5/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Enable CGI Scanning: true

Vulnerability Information

CPE: cpe:/a:freepbx:freepbx

Required KB Items: www/PHP, installed_sw/FreePBX

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2/14/2012

Reference Information

BID: 52048