ID de Prueba:	1.3.6.1.4.1.25623.1.0.11236
Categoría:	CGI abuses
Título:	PHP-Nuke is installed on the remote host
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is running a copy of PHP-Nuke. Given the insecurity history of this package, the Nessus team recommends that you do not use it but use something else instead, as security was clearly not in the mind of the persons who wrote it. The author of PHP-Nuke (Francisco Burzi) even started to rewrite the program from scratch, given the huge number of vulnerabilities (http://www.phpnuke.org/modules.php?name=News&file=article&sid=5640) Solution : De-install this package and use something else Risk factor : High
Referencia Cruzada:	BugTraq ID: 6446 BugTraq ID: 6465 BugTraq ID: 6503 BugTraq ID: 6750 BugTraq ID: 6887 BugTraq ID: 6890 BugTraq ID: 7031 BugTraq ID: 7060 BugTraq ID: 7078 BugTraq ID: 7079 Common Vulnerability Exposure (CVE) ID: CVE-2001-0292 Bugtraq: 20010302 PHPNUKE4.4.1a Advisory (Google Search) http://archives.neohapsis.com/archives/bugtraq/2001-02/0525.html Common Vulnerability Exposure (CVE) ID: CVE-2001-0320 Bugtraq: 20010223 Yet another hole in PHP-Nuke (Google Search) http://archives.neohapsis.com/archives/bugtraq/2001-02/0425.html Common Vulnerability Exposure (CVE) ID: CVE-2001-0854 BugTraq ID: 3510 http://www.securityfocus.com/bid/3510 Bugtraq: 20011105 Copying and Deleting Files Using PHP-Nuke (Google Search) http://marc.info/?l=bugtraq&m=100525739116093&w=2 http://www.iss.net/security_center/static/7478.php Common Vulnerability Exposure (CVE) ID: CVE-2001-0911 BugTraq ID: 3567 http://www.securityfocus.com/bid/3567 Bugtraq: 20011121 PhpNuke Admin password can be stolen ! (Google Search) http://marc.info/?l=bugtraq&m=100638850219503&w=2 XForce ISS Database: phpnuke-postnuke-insecure-passwords(7596) https://exchange.xforce.ibmcloud.com/vulnerabilities/7596 Common Vulnerability Exposure (CVE) ID: CVE-2001-1025 BugTraq ID: 3149 http://www.securityfocus.com/bid/3149 http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0019.html Common Vulnerability Exposure (CVE) ID: CVE-2002-0206 BugTraq ID: 3889 http://www.securityfocus.com/bid/3889 Bugtraq: 20020116 PHP-Nuke allows Command Execution & Much more (Google Search) http://marc.info/?l=bugtraq&m=101121913914205&w=2 CERT/CC vulnerability note: VU#221683 http://www.kb.cert.org/vuls/id/221683 XForce ISS Database: phpnuke-index-command-execution(7914) https://exchange.xforce.ibmcloud.com/vulnerabilities/7914 Common Vulnerability Exposure (CVE) ID: CVE-2002-0483 BugTraq ID: 4333 http://www.securityfocus.com/bid/4333 Bugtraq: 20020320 Fw: PHPNuke 5.4 Path Disclosure Vulnerability? (Google Search) http://online.securityfocus.com/archive/1/263337 http://www.iss.net/security_center/static/8618.php Common Vulnerability Exposure (CVE) ID: CVE-2002-1242 BugTraq ID: 6088 http://www.securityfocus.com/bid/6088 Bugtraq: 20021101 iDEFENSE Security Advisory 10.31.02c: PHP-Nuke SQL Injection Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=103616324103171&w=2 http://www.idefense.com/advisory/10.31.02c.txt http://www.osvdb.org/6244 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0051.html http://www.iss.net/security_center/static/10516.php
Copyright	This script is Copyright (C) 2003 Renaud Deraison

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.