The host is installed with ownCloud and is prone to multiple vulnerabilities.

Successful exploitation will allow remote attackers to gain access to arbitrary local files, gain access to session ID information and recently edited documents of every existing user and bypass the password-protection gaining access to shared files. Impact Level: Application

Upgrade to ownCloud Server 6.0.6 or 7.0.3 or later. For updates refer to http://owncloud.org

Multiple errors exists due to, - Multiple unspecified flaws related to the 'enable_previews' switch in the config.php script. - Two flaws in the Documents application that is due to the persistence of an unspecified legacy API method and missing access controls in the API.

ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

• http://osvdb.org/115167
• http://osvdb.org/115168
• http://osvdb.org/115170
• https://owncloud.org/security/advisory/?id=oc-sa-2014-024
• https://owncloud.org/security/advisory/?id=oc-sa-2014-025
• https://owncloud.org/security/advisory/?id=oc-sa-2014-026

---

Updated on 2015-03-25