Redhat Stronghold status / info Request Information Disclosure

medium Nessus Plugin ID 10803

Synopsis

The remote host has an application that is affected by an information disclosure vulnerability.

Description

Redhat Stronghold Secure Server File System Disclosure Vulnerability

The problem:
In Redhat Stronghold from versions 2.3 up to 3.0 a flaw exists that allows a remote attacker to disclose sensitive system files including the httpd.conf file, if a restricted access to the server status report is not enabled when using those features.
This may assist an attacker in performing further attacks.

By trying the following urls, an attacker can gather sensitive information:
http://target/stronghold-info will give information on configuration http://target/stronghold-status will return among other information the list of request made

Please note that this attack can be performed after a default installation. The vulnerability seems to affect all previous version of Stronghold.

Solution

Patch was released (November 19, 2001)

Plugin Details

Severity: Medium

ID: 10803

File Name: stronghold.nasl

Version: 1.25

Type: remote

Family: CGI abuses

Published: 11/25/2001

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.7

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: www/apache

Exploit Ease: No exploit is required

Vulnerability Publication Date: 11/23/2001

Reference Information

CVE: CVE-2001-0868

BID: 3577

Detections

Analytics