Pluck update.php Remote Privilege Escalation

Medium severity, Nessus Plugin ID 34304

Synopsis

The remote web server contains a PHP script that should not be accessible.

Description

The remote host is running pluck, a simple content management system written in PHP.

The installation of pluck on the remote host allows an anonymous remote attacker to call the 'update.php' script, which is intended only for upgrading from one version of pluck to another.

Note that an attacker may be able to use this script to disable the affected application and possibly even execute arbitrary PHP code, although Nessus has not checked for this.

Solution

Remove the 'update.php' script.

Plugin Details

Severity: Medium

ID: 34304

File Name: pluck_update.nasl

Version: 1.10

Type: remote

Family: CGI abuses

Published: 9/28/2008

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Vulnerability Information

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available