OpenX < 2.8.2 Arbitrary File Upload
Medium Nessus Network Monitor Plugin ID 5246
SynopsisThe remote web server is vulnerable to a remote file upload attack.
DescriptionThe remote web server is hosting OpenX, a web-based ad server. The installed version is earlier than 2.8.2. Such versions are potentially affected by a remote file upload vulnerability. The application fails to verify the MIME type associated with an uploaded file. An attacker, exploiting this flaw, could execute arbitrary code on the remote server.
SolutionUpgrade to OpenX 2.8.2 or later.