|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> CGI abuses >> Owl Intranet Engine xrms_file_root Parameter Remote File Include Vulnerability Vulnerability Assessment Details
|
Owl Intranet Engine xrms_file_root Parameter Remote File Include Vulnerability |
||
Tries to read /etc/passwd via Owl Detailed Explanation for this Vulnerability Assessment Summary : The remote web server contains a PHP script that suffers from a remote file include vulnerability. Description : The remote host is running Owl Intranet Engine, a web-based document management system written in PHP. The version of Owl Intranet Engine on the remote host fails to sanitize user-supplied input to the 'xrms_file_root' parameter of the 'lib/OWL_API.php' script before using it in a PHP 'require_once' function. An unauthenticated attacker may be able to exploit this issue to view arbitrary files on the remote host or to execute arbitrary PHP code, possibly taken from third-party hosts. See also : http://downloads.securityfocus.com/vulnerabilities/exploits/owl_082_xpl.pl Solution : Unknown at this time. Network Security Threat Level: High / CVSS Base Score : 7.0 (AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N) Networks Security ID: 17021 Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Tenable Network Security |
||
Cables, Connectors |
Pentium III 600B 600MHz 133MHz Bus Speed 512K Slot 1 SECC2 CPU
$15.99
Intel - Core i9-12900K Desktop Processor 16 (8P+8E) Cores up to 5.2 GHz Unloc...
$619.99
Intel - Core i7-12700K Desktop Processor 12 (8P+4E) Cores up to 5.0 GHz Unloc...
$419.99
Intel Xeon E5-2697A V4 2.6GHz CPU Processor 16-Core Socket LGA2011 SR2K1
$39.99
AMD Ryzen 9 5950X 16-core 32-thread Desktop Processor
$319.99
Intel Core i5-8500 3 GHz 8 GT/s LGA 1151 Desktop CPU Processor SR3XE
$49.99
Intel - Core i9-14900K 14th Gen 24-Core 32-Thread - 4.4GHz (6.0GHz Turbo) Soc...
$619.99
Intel Xeon E5-2697 v2 2.7GHz 30M 12-Core LGA2011 CPU Processor SR19H
$27.99
Intel Core i5-12400 Desktop Processor With HeatSink
$140.00
Intel Xeon E5-2667V4 SR2P5 (3.2GHZ/8-CORE/25MB/135W) PROCESSOR CPU
$39.95
|
||
No Discussions have been posted on this vulnerability. |