vBulletin upgrade.php Accessible

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.

Synopsis :

A bulletin board system hosted on the remote web server has a security

Description :

The vBulletin install hosted on the remote host allows access to the
upgrade.php script. The vendor recommends that access to this script be
disabled as a precaution.

Note that the version may be affected by a security bypass vulnerability
due to an error in the configuration mechanism. This could allow a
remote, unauthenticated attacker to create a new user account with
administrator privileges by sending a specially crafted request to the
'install/upgrade.php' or 'core/install/upgrade.php' script. This could
then allow the attacker to gain administrative access to the vBulletin

Note that Nessus has not tested for the vulnerability itself, but
instead checked only to see if upgrade.php is accessible without

See also :


Solution :

Remove the 'install/upgrade.php' or 'core/install/upgrade.php' script
as well as refer to the supplied URL for additional steps from the
vendor. Additionally, conduct a full security review of the host, as it
may have been compromised.

Risk factor :

High / CVSS Base Score : 7.5

Family: CGI abuses

Nessus Plugin ID: 70764

Bugtraq ID: