Achievo class.atkdateattribute.js.php config_atkroot Parameter Remote File Inclusion

high Nessus Plugin ID 11109

Synopsis

The remote host contains a resource management tool which is affected by a remote file inclusion vulnerability.

Description

The remote host is running Achievo, a web-based resource management tool written in PHP.

The version of Achievo on the remote host includes a PHP script which is reported to be affected by a remote file include vulnerability. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web server. Note that this flaw is only present if PHP register_globals is set to 'on'. The attacker must also be able to store the attack code on a server that is accessible by the web server.

Solution

Upgrading to Achievo 1.2 or newer reportedly fixes this problem.

See Also

https://seclists.org/bugtraq/2002/Aug/330

Plugin Details

Severity: High

ID: 11109

File Name: achievo_code_injection.nasl

Version: 1.32

Type: remote

Family: CGI abuses

Published: 8/22/2002

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2002-1435

CVSS v3

Risk Factor: High

Base Score: 8.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Vulnerability Information

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 8/22/2002

Reference Information

CVE: CVE-2002-1435

BID: 5552