Detections
Analytics

BDPDT for DotNetNuke (.net nuke) uploadfilepopup.aspx File Upload Privilege Escalation

critical Nessus Plugin ID 21747

Language:

Synopsis

The remote web server contains an ASP script that allows uploading of arbitrary files.

Description

The remote host contains BDPDT, a database abstraction layer used in various add-on modules for DotNetNuke.

The installed version of the BDPDT contains an ASP.NET script that allows an unauthenticated attacker to gain control of the affected host by allowing uploading arbitrary files with the 'UploadFilePopUp.aspx' script.

Solution

Contact the vendor for a newer version of BDPDT.

See Also

http://www.dotnetnuke.com/Community/Blogs/tabid/825/EntryID/422/Default.aspx

https://forums.asp.net/post/1276672.aspx

http://www.wwwcoder.com/Default.aspx?tabid=283&EntryID=723

http://www.wwwcoder.com/Default.aspx?tabid=283&EntryID=733

Plugin Details

Severity: Critical

ID: 21747

File Name: bdpdt_cmd_exec.nasl

Version: 1.16

Type: remote

Family: CGI abuses

Published: 6/23/2006

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 9.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: www/ASP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2006-3601

BID: 18522