Firefly Media Server Limited Directory Traversal Admin Credential Disclosure

high Nessus Plugin ID 29252

Synopsis

The remote web server is affected by a partial directory traversal vulnerability.

Description

The remote host is running Firefly Media Server, also known as mt-daapd, a media streaming server.

The version of Firefly Media Server installed on the remote Windows host allows an attacker to retrieve arbitrary files, possibly bypassing authentication, from the parent directory of Firefly's 'admin-root' folder, including the application's configuration file.

In addition, Firefly Media Server has been reported to be vulnerable to two denial of service issues. However, Nessus has not checked for these.

Solution

Unknown at this time.

See Also

https://www.securityfocus.com/archive/1/484763/30/0/threaded

Plugin Details

Severity: High

ID: 29252

File Name: firefly_dir_traversal.nasl

Version: 1.16

Type: remote

Family: CGI abuses

Published: 12/10/2007

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Host/OS

Exploit Ease: No known exploits are available

Exploited by Nessus: true

Reference Information

BID: 26770