Summary
This host is running Arkeia Appliance and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to perform directory traversal attacks and read arbitrary files on the affected application.
arbitrary data.
Impact Level: Application
Solution
Upgrade to Arkeia Appliance 10.1.10 or later.
For updates, refer to http://www.arkeia.com/download
Insight
Multiple flaws are due to:
- There are no restrictions when a POST request is sent to '/scripts/upload.php', thus allowing any unauthenticated client to upload any data to the /tmp/ApplianceUpdate file.
- Input passed via the 'lang' parameter in the 'Cookie' field of the HTTP header is not properly sanitised before being returned to the user.
Affected
Arkeia Appliance Version 10.0.10 and prior.
Detection
Send a crafted HTTP GET request and check whether it is possible to read a system file.
References
Updated on 2015-03-25