IlohaMail Configuration Scripts Remote Disclosure

medium Nessus Plugin ID 16161

Synopsis

The remote host is running a webmail application that is affected by an information disclosure vulnerability.

Description

The remote host is running IlohaMail, a web-based mail interface written in PHP.

The remote installation is misconfigured: the web server serves the files under the application's 'conf/' directory as plain text instead of refusing the request or passing them to the PHP interpreter, so any unauthenticated user can download the configuration by requesting '/conf/conf.inc' or '/conf/custom_auth.inc'. These files hold the main application configuration and any custom authentication settings, information that may help an attacker mount further attacks against the remote host.
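The check below is an added example, not Tenable's plugin code. It classifies the response to a request for each of the two paths named above: a 403 or 404 means the server refuses to serve the file, a 200 whose body contains raw PHP (an opening tag or a variable assignment) means the source was disclosed, and a 200 with no PHP in the body means the file was executed by the PHP handler or is empty. The PHP-source markers and the sample response bodies are constructed assumptions for an offline run; only the two paths come from the advisory.

```python
"""
Added example: classify HTTP responses for the IlohaMail .inc disclosure.
Not Tenable's plugin code; only the two paths come from the advisory text,
the source markers and sample bodies are constructed assumptions.
"""
import re
import urllib.error
import urllib.request
from dataclasses import dataclass
from typing import Callable, List, Tuple

# Paths named in the advisory, relative to the IlohaMail install directory.
INC_PATHS = ("/conf/conf.inc", "/conf/custom_auth.inc")

# Heuristic markers for un-executed PHP source: an opening PHP tag or a PHP
# variable assignment (optionally with an array subscript). A correctly
# configured server either refuses the request or runs the file through
# PHP, which yields an empty body for a pure configuration include.
PHP_SOURCE_RE = re.compile(r"<\?php\b|\$[A-Za-z_]\w*(\[[^\]]*\])?\s*=")


@dataclass
class Verdict:
    path: str
    status: int
    disclosed: bool
    reason: str


def classify(path: str, status: int, body: str) -> Verdict:
    """Decide whether one response leaks PHP source."""
    if status in (401, 403, 404):
        return Verdict(path, status, False, "request refused or file absent")
    if status != 200:
        return Verdict(path, status, False, f"unexpected status {status}")
    if PHP_SOURCE_RE.search(body):
        return Verdict(path, status, True, "raw PHP source returned")
    return Verdict(path, status, False,
                   "200 without PHP source; file was executed or is empty")


# A fetcher maps a path to (status, body) so the audit can run against a
# live server or against constructed responses.
Fetcher = Callable[[str], Tuple[int, str]]


def audit(fetch: Fetcher, paths=INC_PATHS) -> List[Verdict]:
    """Request every .inc path through the fetcher and classify each reply."""
    return [classify(p, *fetch(p)) for p in paths]


def http_fetcher(base_url: str, timeout: float = 10) -> Fetcher:
    """Live fetcher; base_url is the IlohaMail directory (assumed location,
    e.g. http://host/IlohaMail). Only the first 64 KiB of the body is read."""
    def fetch(path: str) -> Tuple[int, str]:
        url = base_url.rstrip("/") + path
        try:
            with urllib.request.urlopen(url, timeout=timeout) as resp:
                return resp.status, resp.read(65536).decode("utf-8", "replace")
        except urllib.error.HTTPError as err:
            return err.code, ""
    return fetch


# Constructed sample bodies (not real IlohaMail files) for an offline run.
LEAKED_CONF = '<?php\n$backend = "FS";\n$db_pass = "s3cret";\n?>\n'
SAMPLE_SERVER = {
    "/conf/conf.inc": (200, LEAKED_CONF),   # misconfigured: source served
    "/conf/custom_auth.inc": (403, ""),     # .inc refused by the web server
}


def sample_fetcher(path: str) -> Tuple[int, str]:
    return SAMPLE_SERVER[path]


if __name__ == "__main__":
    for v in audit(sample_fetcher):
        state = "DISCLOSED" if v.disclosed else "ok"
        print(f"{v.path}: {state} ({v.status}: {v.reason})")
```

Against a real target, replace `sample_fetcher` with `http_fetcher("http://host/IlohaMail")`; a 200 whose body is empty is not proof of safety on its own, since it only shows the file was executed rather than denied, and the configuration is still reachable to anyone who can read files on the server.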

Solution

Configure the web server to refuse direct requests for '.inc' files (or move the 'conf' directory outside the web root), then confirm that a request for '/conf/conf.inc' no longer returns the file's contents.
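One way to apply the fix on Apache, as an added configuration fragment that is not part of the advisory or of IlohaMail: deny every request whose filename ends in '.inc', in the main server configuration or in an '.htaccess' file that 'AllowOverride' permits.

```apache
# Refuse direct requests for .inc files anywhere under the document root.
# Apache 2.4 syntax; on 2.2 use "Order allow,deny" / "Deny from all" instead.
<FilesMatch "\.inc$">
    Require all denied
</FilesMatch>
```

After reloading the server, a request for '/conf/conf.inc' should return 403. Mapping '.inc' to the PHP handler instead would stop the source from being echoed, but it leaves the files web-reachable, so denying them outright (or moving 'conf/' out of the web root) is the safer choice.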

See Also

https://seclists.org/bugtraq/2005/Jan/118

Plugin Details

Severity: Medium

ID: 16161

File Name: ilohamail_insecure_install.nasl

Version: 1.14

Type: remote

Family: CGI abuses

Published: 1/13/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: www/PHP

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 1/11/2005

Reference Information

BID: 12252

Secunia: 13807