VPOPMail for SquirrelMail vpopmail.php Arbitrary Command Execution

high Nessus Plugin ID 11397

Synopsis

The remote web server has a PHP script which may allow arbitrary code execution on the remote system.

Description

The remote host is running an old version of vpopmail.php (an extension to SquirrelMail) which allows users to execute arbitrary commands on the remote host with the privileges of the web server process.

Solution

Upgrade to VPOPMail 0.98 or newer.

Plugin Details

Severity: High

ID: 11397

File Name: vpopmail_cmd_exec.nasl

Version: 1.17

Type: remote

Family: CGI abuses

Published: 3/15/2003

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: No exploit is required

Reference Information

BID: 7063