4D WebStar < 5.3.3 Information Disclosure
Medium Nessus Network Monitor Plugin ID 2171
SynopsisThe remote host is vulnerable to multiple attack vectors.
DescriptionThe remote server is running 4D WebStar Web Server. The remote server is vulnerable to two issues: an attacker may be able to obtain the listing of a directory by appending a star (*) to the directory name and an attacker may obtain the file php.ini by directly requesting /cgi-bin/php.ini
SolutionUpgrade to 4D WebStar 5.3.3 or higher.