Detections
Analytics

FreePBX gen_amp_conf.php Information Disclosure

high Nessus Plugin ID 58088

Language:

Synopsis

A web application on the remote host is affected by an information disclosure vulnerability.

Description

By requesting the 'admin/modules/framework/bin/gen_amp_conf.php' script directly, an unauthenticated, remote attacker can discover all the configuration parameters, including the admin password, for the FreePBX installed on the remote host, thereby gaining administrative access to it.

Solution

Upgrade FreePBX to version 2.9.0 or later, with the most up-to-date core and framework modules.

Alternatively, update the Apache configuration on the server to prevent remote access to the affected script.

See Also

http://www.nessus.org/u?36cd0cc3

https://seclists.org/bugtraq/2012/Feb/75

http://www.nessus.org/u?8af42c16

Plugin Details

Severity: High

ID: 58088

File Name: freepbx_gen_amp_conf.nasl

Version: 1.9

Type: remote

Family: CGI abuses

Published: 2/22/2012

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:freepbx:freepbx

Required KB Items: www/PHP, installed_sw/FreePBX

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2/14/2012

Reference Information

BID: 52048