Horde test.php Direct Reqest Information Disclosure

medium Nessus Plugin ID 11617

Language:

Synopsis

The remote web server contains a PHP script that suffers from an information disclosure vulnerability.

Description

The remote server is running Horde or a related project along with one or more test scripts. These scripts may leak server-side information that is valuable to an attacker.

Solution

Delete the affected scripts or make them unreadable by the web server.

Plugin Details

Severity: Medium

ID: 11617

File Name: horde_test_disclosure.nasl

Version: 1.26

Type: remote

Family: CGI abuses

Published: 5/12/2003

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:horde:horde_application_framework

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning