Test Kennung:	1.3.6.1.4.1.25623.1.0.14830
Kategorie:	CGI abuses
Titel:	@lex guestbook remote file include
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host seems to be running @lex guestbook, a guestbook web application written in PHP. This version is prone to a vulnerability that may permit remote attackers, without prior authentication, to include and execute malicious PHP scripts. Remote users may influence URI variables to include a malicious PHP script on a remote system, it is possible to cause arbitrary PHP code to be executed. Solution : Update to the newest version of this software Risk factor : High
Querverweis:	BugTraq ID: 11260 Common Vulnerability Exposure (CVE) ID: CVE-2004-1554 http://www.securityfocus.com/bid/11260 Bugtraq: 20040926 @lex Guestbook (PHP) Include file (Google Search) http://marc.info/?l=bugtraq&m=109635806703748&w=2 http://packetstormsecurity.nl/0410-exploits/alexPHP.txt http://securitytracker.com/id?1011432 XForce ISS Database: @lex-guestbook-file-include(17516) https://exchange.xforce.ibmcloud.com/vulnerabilities/17516
Copyright	This script is Copyright (C) 2004 Tenable Network Security

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.