Kerio WinRoute Firewall Web Server Remote Source Code Disclosure

medium Nessus Plugin ID 59608

Synopsis

The remote web server hosts an application that is affected by a information disclosure vulnerability.

Description

By sending specially crafted requests with a NULL byte followed by an extension such as '.txt', an unauthenticated, remote attacker can obtain the source code of PHP files available through the version of Kerio WinRoute Firewall installed on the remote host.

Solution

Upgrade to version 6.7.0 as the issue has been confirmed to be resolved in that version.

Plugin Details

Severity: Medium

ID: 59608

File Name: kerio_wrf_source_disclosure.nasl

Version: 1.6

Type: remote

Family: CGI abuses

Published: 6/20/2012

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:kerio:winroute_firewall

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Patch Publication Date: 5/10/2012

Vulnerability Publication Date: 5/10/2012

Reference Information

BID: 53460