PHP-Blogger pref.db Database Information Disclosure

medium Nessus Plugin ID 25822

Synopsis

The remote web server contains a PHP application that is affected by an information disclosure vulnerability.

Description

The remote host is running PHP-Blogger, a photo blog script written in PHP.

The version of PHP-Blogger installed on the remote host stores configuration information in the file 'data/pref.db' and fails to restrict access to this file. By issuing a direct request for the file, an attacker can gain access to sensitive information, such as the password hash, which can in turn allow him to gain administrative access to the application itself.

Solution

Limit access to PHP-Blogger's 'data' directory using, say, a .htaccess file.

See Also

http://cxsecurity.com/issue/WLB-2007080025

Plugin Details

Severity: Medium

ID: 25822

File Name: phpblogger_pref_db_download.nasl

Version: 1.18

Type: remote

Family: CGI abuses

Published: 7/31/2007

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.7

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:phpblogger:php-blogger

Required KB Items: www/phpBB

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 7/28/2007

Reference Information

CVE: CVE-2007-4157

BID: 25143