Stadtaus PHP Form Mail formmail.inc.php Remote File Inclusion

medium Nessus Plugin ID 17285

Synopsis

The remote web server contains a PHP script that is affected by a remote file include flaw.

Description

There is a version of Form Mail Script, a PHP script by Ralf Stadtaus, installed on the remote host that suffers from a remote file include vulnerability involving the 'script_root' parameter of the 'inc/formmail.inc.php' script. By leveraging this flaw, an attacker may be able to view arbitrary files on the remote host or to execute arbitrary PHP code, possibly taken from third-party hosts if PHP's 'register_globals' setting is enabled.

Solution

Upgrade to Form Mail Script version 2.4 or later.

See Also

https://seclists.org/bugtraq/2005/Mar/97

http://www.stadtaus.com/forum/p-5887.html

Plugin Details

Severity: Medium

ID: 17285

File Name: stadtaus_remote_includes.nasl

Version: 1.18

Type: remote

Family: CGI abuses

Published: 3/7/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 3/4/2005

Reference Information

CVE: CVE-2005-0678

BID: 12735