Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

4D WebStar < 5.3.3 Information Disclosure

Medium

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote server is running 4D WebStar Web Server. The remote server is vulnerable to two issues: an attacker may be able to obtain the listing of a directory by appending a star (*) to the directory name and an attacker may obtain the file php.ini by directly requesting /cgi-bin/php.ini

Solution

Upgrade to 4D WebStar 5.3.3 or higher.