Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> CGI abuses >> ezPublish config disclosure


Vulnerability Assessment Details

ezPublish config disclosure

Vulnerability Assessment Summary
Determine if ezPublish config file can be retrieved

Detailed Explanation for this Vulnerability Assessment

ezPublish (a content management system) is installed on the remote host.

A possible hacker may retrieve the file 'settings/site.ini' and gather
interesting information about the remote host, as it contains the
configuration of ezPublish.

Solution : Prevent the download of .ini files from your web server
Network Security Threat Level: Medium

Networks Security ID: 7347, 7349

Vulnerability Assessment Copyright: This script is Copyright (C) 2003 Renaud Deraison

Cables, Connectors

Dell PowerEdge R720 2x E5-2670 v2 2.5Ghz 10 Core 384GB 8x 2TB 7.2K SAS H710
$4350.0
Dell PowerEdge R720 2x E5-2670 v2 2.5Ghz 10 Core 384GB 8x 2TB 7.2K SAS H710 pictureDell PowerEdge R720 2x E5-2650 v2 2.6Ghz 8 Core 48GB 8x 600GB 15K SAS H710
$3500.0
Dell PowerEdge R720 2x E5-2650 v2 2.6Ghz 8 Core 48GB 8x 600GB 15K SAS H710 pictureApple MacBook Pro A1278 13.3" Core i5-2.5GHz, 8gb, 180SSD (June, 2012)
$299.0
Apple MacBook Pro A1278 13.3Dell Optiplex 960 Desktop Core 2 Quad Q9400 2.66Ghz 8GB 500GB Hard Drive DVD-RW
$119.99
Dell Optiplex 960 Desktop Core 2 Quad Q9400 2.66Ghz 8GB 500GB Hard Drive DVD-RW picture


Discussions

No Discussions have been posted on this vulnerability.