Poll It CGI data_dir Parameter Arbitrary File Access

high Nessus Plugin ID 10459

Synopsis

The remote web server contains a CGI script that allows arbitrary file access.

Description

'Poll_It_SSI_v2.0.cgi' is installed. This CGI has a well known security flaw that lets an attacker retrieve any file from the remote system, e.g.
/etc/passwd.

Solution

Remove 'Poll_It_SSI_v2.0.cgi' from /cgi-bin.

Plugin Details

Severity: High

ID: 10459

File Name: pollit.nasl

Version: 1.35

Type: remote

Family: CGI abuses

Published: 7/12/2000

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 7/6/2000

Reference Information

CVE: CVE-2000-0590

BID: 1431

Detections

Analytics