Detections
Analytics

EasyWeb FileManager pathtext Traversal Arbitrary File/Directory Access

medium Nessus Plugin ID 13845

Language:

Synopsis

A web application running on the remote host has a directory traversal vulnerability.

Description

The remote host is running a version of the EasyWeb FileManager module that is vulnerable to a directory traversal attack.

An attacker may use this flaw to read arbitrary files on the remote server by sending malformed requests like :

/index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../file

Note that this might be a false positive, since an attacker would need credentials to exploit this flaw.

Solution

Upgrade to the latest version of this module.

See Also

https://seclists.org/vulnwatch/2004/q3/8

https://seclists.org/bugtraq/2004/Jul/298

Plugin Details

Severity: Medium

ID: 13845

File Name: easyweb_filemanager.nasl

Version: 1.20

Type: remote

Family: CGI abuses

Published: 7/26/2004

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Information

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 7/23/2004

Reference Information

CVE: CVE-2004-2047

BID: 10792