Web Server Directory Traversal Arbitrary File Access

This script is Copyright (C) 1999-2014 Tenable Network Security, Inc.


Synopsis :

The remote web server is affected by a directory traversal
vulnerability.

Description :

It appears possible to read arbitrary files on the remote host outside
the web server's document directory using a specially crafted URL. An
unauthenticated attacker may be able to exploit this issue to access
sensitive information to aide in subsequent attacks.

Note that this plugin is not limited to testing for known
vulnerabilities in a specific set of web servers. Instead, it attempts
a variety of generic directory traversal attacks and considers a
product to be vulnerable simply if it finds evidence of the contents
of '/etc/passwd' or a Windows 'win.ini' file in the response. It may,
in fact, uncover 'new' issues, that have yet to be reported to the
product's vendor.

Solution :

Contact the vendor for an update, use a different product, or disable
the service altogether.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true