AJ-Fork Permission Weakness Information Disclosure
Medium Nessus Network Monitor Plugin ID 2342
SynopsisThe remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.
DescriptionPVS observed that the remote webserver is running the AJ-Fork service.
This version of AJ-Fork is vulnerable to a remote attack wherein the critical system files used by AJ-Fork can be read and written by any anonymous remote user. All versions of AJ-Fork up to and including version 167 are reported vulnerable.
SolutionUpgrade or patch according to vendor recommendations.