Detections
Analytics

Plesk Multiple Script locale_id Parameter Traversal Arbitrary File Access

medium Nessus Plugin ID 25090

Language:

Synopsis

The remote web server contains a PHP application that is prone to a directory traversal attack.

Description

The remote host is running Plesk, a control panel used to administer and manage websites.

The version of Plesk installed on the remote host fails to sanitize user-supplied input to the 'locale_id' parameter of the 'login.php3', 'login_up.php', and 'top.php3' scripts before using it to access files. On a Windows platform, an unauthenticated attacker can leverage this issue to read the contents of arbitrary files on the remote host, subject to the privileges of the web server user id.

Solution

See the vendor's website for patch information.

See Also

http://kb.plesk.com/en/1798

Plugin Details

Severity: Medium

ID: 25090

File Name: plesk_locale_id_traversal.nasl

Version: 1.19

Type: remote

Family: CGI abuses

Published: 4/27/2007

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:swsoft:plesk

Required KB Items: www/PHP

Exploit Ease: No exploit is required

Exploited by Nessus: true

Vulnerability Publication Date: 4/13/2007

Reference Information

CVE: CVE-2007-2268

BID: 23639