Detections
Analytics

Apache on Windows mod_alias URL Validation Canonicalization CGI Source Disclosure

medium Nessus Plugin ID 22203

Language:

Synopsis

The remote web server is affected by an information disclosure issue.

Description

The version of Apache for Windows running on the remote host can be tricked into disclosing the source of its CGI scripts because of a configuration issue. Specifically, if the CGI directory is located within the document root, then requests that alter the case of the directory name will bypass the mod_cgi cgi-script handler and be treated as requests for ordinary files.

Solution

Reconfigure Apache so that the scripts directory is located outside of the document root.

See Also

https://www.securityfocus.com/archive/1/442882/30/0/threaded

Plugin Details

Severity: Medium

ID: 22203

File Name: apache_scriptalias_in_htdocs_dir_traversal.nasl

Version: 1.25

Type: remote

Family: CGI abuses

Published: 8/11/2006

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:http_server

Excluded KB Items: Settings/disable_cgi_scanning, installed_sw/Apache

Exploit Ease: No exploit is required

Exploited by Nessus: true

Vulnerability Publication Date: 8/9/2006

Reference Information

CVE: CVE-2006-4110

BID: 19447