Detections
Analytics

F-Secure Internet Gatekeeper for Linux Log Disclosure (FSC-2011-1)

medium Nessus Plugin ID 52026

Language:

Synopsis

The remote web server hosts an application that is affected by an information disclosure vulnerability.

Description

The version of F-Secure Internet Gatekeeper for Linux installed on the remote host allows unauthenticated access to log files, which could allow disclosure of sensitive information.

Solution

Either upgrade to F-Secure Internet Gateway for Linux 4.x or apply Hotfix 1 for version 3.x.

See Also

http://jvn.jp/en/jp/JVN71542734/index.html

http://www.nessus.org/u?d088e126

Plugin Details

Severity: Medium

ID: 52026

File Name: fsecure_fsc_2011_1.nasl

Version: 1.13

Type: remote

Family: CGI abuses

Published: 2/18/2011

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:f-secure:internet_gatekeeper

Required KB Items: www/fsecure_igk

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Patch Publication Date: 2/15/2011

Vulnerability Publication Date: 2/16/2011

Reference Information

CVE: CVE-2011-0453

BID: 46381

Secunia: 43326