basilix_attachment_disclosure.nasl
来自「漏洞扫描源码,可以扫描linux,windows,交换机路由器」· NASL 代码 · 共 81 行
NASL
81 行
## This script was written by George A. Theall, <theall@tifaware.com>.## See the Nessus Scripts License for details.#if (description) { script_id(14306); script_version ("$Revision: 38 $"); script_cve_id("CVE-2002-1711"); script_bugtraq_id(5065); name["english"] = "BasiliX Attachment Disclosure Vulnerability"; script_name(english:name["english"]); desc["english"] = "Synopsis :The remote web server contains a series of PHP scripts that are prone toinformation disclosure. Description :The remote host appears to be running a BasiliX version 1.1.0 or lower. Such versions save attachments by default under '/tmp/BasiliX', which isworld-readable and apparently never emptied by BasiliX itself. As aresult, anyone with shell access on the affected system or who can placeCGI files on it can access attachments uploaded to BasiliX. See also :http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0117.htmlSolution : Upgrade to BasiliX version 1.1.1 or later.Risk factor : Low / CVSS Base Score : 2 (AV:L/AC:L/Au:NR/C:P/A:N/I:N/B:C)"; script_description(english:desc["english"]); summary["english"] = "Checks for attachment disclosure vulnerability in BasiliX"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_family(english:"CGI abuses"); script_copyright(english:"This script is Copyright (C) 2004 George A. Theall"); script_dependencies("basilix_detect.nasl"); script_require_ports("Services/www", 80); exit(0);}include("http_func.inc");port = get_http_port(default:80);if (!get_port_state(port)) exit(0);if (!can_host_php(port:port)) exit(0);# Test an install.install = get_kb_item(string("www/", port, "/basilix"));if (isnull(install)) exit(0);matches = eregmatch(string:install, pattern:"^(.+) under (/.*)$");if (!isnull(matches)) { ver = matches[1]; if (ver =~ "^(0\..*|1\.(0.*|1\.0))$") { security_note(port); exit(0); }}⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?