Detections
Analytics

Ubuntu Drupal Theme - Brown images/layout/gradient.php File Disclosure

medium Nessus Plugin ID 50302

Language:

Synopsis

The remote web server hosts a PHP script that is affected by a directory traversal vulnerability.

Description

The version of the Ubuntu Drupal Theme - Brown installed on the Drupal install on the remote host does not properly sanitize user-supplied input to the 'start' and 'end' parameters of the 'images/layout/gradient.php' script before using it to return the contents of a file.

A remote, unauthenticated attacker can exploit this issue to disclose the contents of sensitive files on the affected system subject to the privileges under which the web server operates.

Solution

Either remove the affected file or upgrade to Ubuntu Drupal Theme - Brown 6.x-8.1 or later.

See Also

http://www.nessus.org/u?81af6ee4

https://www.drupal.org/node/947632

Plugin Details

Severity: Medium

ID: 50302

File Name: udtheme_gradient_traversal.nasl

Version: 1.20

Type: Remote

Family: CGI abuses

Published: 10/22/2010

Updated: 4/22/2026

Configuration: Enable thorough checks (optional)

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Tenable score for remote file disclosure.

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: manual

Vulnerability Information

CPE: cpe:/a:drupal:drupal

Required KB Items: installed_sw/Drupal, www/PHP

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/20/2010

Vulnerability Publication Date: 10/20/2010

Reference Information

BID: 44281