Detections
Analytics
Mambo / Joomla Component / Module mosConfig_absolute_path Parameter Remote File Inclusion
medium Nessus Network Monitor Plugin ID 3687
Synopsis
The remote web server contains a PHP application that is prone to remote file inclusion attacks.Description
The remote host contains a third-party Mambo / Joomla component or module. The version of at least one such component or module installed on the remote host fails to sanitize input to the 'mosConfig_absolute_path' parameter before using it to include PHP code. Provided PHP's 'register_globals' setting is enabled, an unauthenticated attacker may be able to exploit these flaws to view arbitrary files on the remote host or to execute arbitrary PHP code, possibly taken from third-party hosts.Solution
Disable PHP's 'register_globals' setting. Upgrade or patch according to vendor recommendations.See Also
http://www.securityfocus.com/archive/1/439035/30/0/threaded
http://www.securityfocus.com/archive/1/439451/30/0/threaded
http://www.securityfocus.com/archive/1/439618/30/0/threaded
http://www.securityfocus.com/archive/1/439963/30/0/threaded
http://www.securityfocus.com/archive/1/439997/30/0/threaded
http://www.securityfocus.com/archive/1/440881/30/0/threaded
http://www.securityfocus.com/archive/1/441533/30/0/threaded
http://www.securityfocus.com/archive/1/441538/30/0/threaded
http://www.securityfocus.com/archive/1/441541/30/0/threaded
http://www.securityfocus.com/archive/1/444425/30/0/threaded
http://packetstormsecurity.org/0607-exploits/smf.txt
http://isc.sans.org/diary.php?storyid=1526
http://www.milw0rm.com/exploits/1959
http://www.milw0rm.com/exploits/2020
http://www.milw0rm.com/exploits/2023
http://www.milw0rm.com/exploits/2029
http://www.milw0rm.com/exploits/2083
http://www.milw0rm.com/exploits/2089
http://www.milw0rm.com/exploits/2125
http://www.milw0rm.com/exploits/2196
http://www.milw0rm.com/exploits/2205
http://www.milw0rm.com/exploits/2206
http://www.milw0rm.com/exploits/2207
http://www.milw0rm.com/exploits/2214
http://www.milw0rm.com/exploits/2367
http://www.milw0rm.com/exploits/2613
http://www.milw0rm.com/exploits/3567
http://www.milw0rm.com/exploits/3703
http://www.milw0rm.com/exploits/3753
http://www.milw0rm.com/exploits/4497
http://www.milw0rm.com/exploits/4507
http://www.milw0rm.com/exploits/4521
http://www.milw0rm.com/exploits/5020
http://www.milw0rm.com/exploits/5497
http://www.milw0rm.com/exploits/6003
http://www.milw0rm.com/exploits/7038
http://www.milw0rm.com/exploits/7039
Plugin Details
Severity: Medium
ID: 3687
Family: CGI
Published: 7/24/2006
Updated: 3/6/2019
Nessus ID: 22049
Risk Information
VPR
Risk Factor: High
Score: 7.0
CVSS v2
Risk Factor: Medium
Base Score: 5.8
Temporal Score: 5.2
Vector: CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:P
CVSS v3
Risk Factor: Medium
Base Score: 6.3
Temporal Score: 6
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:F/RL:W/RC:X
Reference Information
CVE: CVE-2006-3396, CVE-2006-3530, CVE-2006-3556, CVE-2006-3748, CVE-2006-3749, CVE-2006-3750, CVE-2006-3751, CVE-2006-3773, CVE-2006-3774, CVE-2006-3846, CVE-2006-3947, CVE-2006-3949, CVE-2006-3980, CVE-2006-3995, CVE-2006-4074, CVE-2006-4130, CVE-2006-4195, CVE-2006-4270, CVE-2006-4288, CVE-2006-4553, CVE-2006-4858, CVE-2006-5045, CVE-2006-5048, CVE-2006-5519, CVE-2006-6962, CVE-2007-1702, CVE-2007-2005, CVE-2007-2144, CVE-2007-2319, CVE-2007-3130
BID: 24342, 24592, 23529, 23490, 23408, 23113, 23125, 19217, 19222, 19223, 19224, 19233, 19373, 19465, 19505, 19574, 19581, 19725, 20018, 20667, 18705, 18808, 18876, 18919, 18924, 18968, 18991, 19037, 19042, 19044, 19047, 19100