Detections
Analytics

Veri-NAC Appliance unauthenticated URL Directory Traversal

medium Nessus Plugin ID 55022

Language:

Synopsis

The remote web server is prone to a directory traversal attack.

Description

The remote host appears to be a Black Box Veri-NAC network access control appliance that allows an unauthenticated, remote attacker to retrieve arbitrary files through its web server using specially crafted requests with '/unauthenticated' followed by directory traversal sequences at the start of the URL.

This can result in the disclosure of sensitive information, such as the device's Active Directory configuration file, shadow password file, and the like.

Solution

Update to version 8.0.10 as that is reported to address the issue.

See Also

http://www.nessus.org/u?0dc91f08

Plugin Details

Severity: Medium

ID: 55022

File Name: verinac_unauthenticated_dir_traversal.nasl

Version: 1.11

Type: remote

Family: CGI abuses

Published: 6/9/2011

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 5/25/2011

Reference Information

BID: 48131

Secunia: 44757