SiteKiosk < 6.5.150 Multiple Vulnerabilities

Medium Nessus Plugin ID 23969


The remote Windows host has an application that is affected by multiple access bypass vulnerabilities.


According to its version number, the installation of SiteKiosk on the remote host contains an unspecified ActiveX control that is marked as 'safe for scripting' yet exposes two dangerous methods that allow reading and downloading of any file from the kiosk. In addition, it fails to completely sanitize input in its 'skinning' feature before using it to generate dynamic HTML output. By leveraging either issue, a local user may be able to view the contents of files on the affected host.

Note that SiteKiosk by default runs with LOCAL SYSTEM privileges.


Upgrade to SiteKiosk version 6.5.150 or later.

Plugin Details

Severity: Medium

ID: 23969

File Name: sitekiosk_65150.nasl

Version: $Revision: 1.14 $

Type: local

Agent: windows

Family: Windows

Published: 2007/01/03

Modified: 2016/11/03

Dependencies: 13855

Risk Information

Risk Factor: Medium


Base Score: 4.1

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:M/Au:S/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2006/12/11

Reference Information

CVE: CVE-2006-6509, CVE-2006-6510

BID: 21567

OSVDB: 32280, 32281