GNUMP3d < 2.9.6 Multiple Remote Vulnerabilities (XSS, Traversal)

medium Nessus Plugin ID 20110

Synopsis

The remote streaming server is prone to directory traversal and cross- site scripting attacks.

Description

The remote host is running GNUMP3d, an open source audio / video streaming server.

The installed version of GNUMP3d on the remote host fails to completely filter out directory traversal sequences from request URIs. By leveraging this flaw, an attacker can read arbitrary files on the remote host subject to the privileges under which the server operates. In addition, it fails to sanitize user-supplied input to several scripts, which can be used to launch cross-site scripting attacks against the affected application.

Solution

Upgrade to GNUMP3d 2.9.7 or later.

See Also

http://www.nessus.org/u?ee529de4

Plugin Details

Severity: Medium

ID: 20110

File Name: gnump3d_296.nasl

Version: 1.26

Type: remote

Family: CGI abuses

Published: 10/31/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.5

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:gnu:gnump3d

Exploit Ease: No known exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 10/28/2005

Reference Information

CVE: CVE-2005-3123, CVE-2005-3424, CVE-2005-3425

BID: 15226, 15228, 15341

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990