Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

AJ-Fork Permission Weakness Information Disclosure

Medium

Synopsis

The remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.

Description

PVS observed that the remote webserver is running the AJ-Fork service. This version of AJ-Fork is vulnerable to a remote attack wherein the critical system files used by AJ-Fork can be read and written by any anonymous remote user. All versions of AJ-Fork up to and including version 167 are reported vulnerable.

Solution

Upgrade or patch according to vendor recommendations.