Detections
Analytics
Artica < 1.4.101900 mailattach Parameter Directory Traversal
high Nessus Plugin ID 50326
Language:
Synopsis
The remote web server contains a web application that is susceptible to a directory traversal attack.Description
The installed version of Artica fails to sanitize user-supplied input to the 'mailattach' parameter of the 'images.listener.php' script. By prefixing directory traversal strings such as '....//' to the 'mailattach' parameter a remote, unauthenticated attacker could exploit this vulnerability to read arbitrary files from the remote system.Solution
Upgrade to Artica v1.4.101900 or later.See Also
http://www.artica.fr/index.php/get-a-download-artica/nightly-builds
Plugin Details
Severity: High
ID: 50326
File Name: artica_mailattach_dir_traversal2.nasl
Version: 1.7
Type: remote
Family: CGI abuses
Published: 10/25/2010
Updated: 1/19/2021
Supported Sensors: Nessus
Risk Information
CVSS v2
Risk Factor: High
Base Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N
Vulnerability Information
Required KB Items: www/lighttpd, www/artica
Excluded KB Items: Settings/disable_cgi_scanning
Patch Publication Date: 10/19/2010
Vulnerability Publication Date: 10/19/2010