ThinClientServer Admin Account Creation Privilege Escalation

high Nessus Plugin ID 23780

Synopsis

The remote web server contains a PHP script that allows creation of additional administrative accounts.

Description

The remote host is running ThinClientServer, an application to convert existing PCs into thin clients.

The version of ThinClientServer installed on the remote host allows an unauthenticated, remote attacker to create administrative accounts.

Solution

It is reported that upgrading to ThinClientServer version 4.0.2248 or higher addresses this issue. You should also review the list of existing administrators and remove any that are not valid.

See Also

http://www.securityfocus.com/advisories/11589

http://www.nessus.org/u?9d0cb22c

Plugin Details

Severity: High

ID: 23780

File Name: thinclientserver_admin_acct_creation.nasl

Version: 1.16

Type: remote

Family: CGI abuses

Published: 12/7/2006

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: www/PHP

Exploit Ease: No exploit is required

Vulnerability Publication Date: 12/6/2006

Reference Information

CVE: CVE-2006-6221

BID: 21300