Summary
This host is installed with TYPO3 and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to steal the victim's cookie-based authentication credentials or access arbitrary file.
Impact Level: Application
Solution
Upgrade to TYPO3 version 4.0.12, 4.1.10, 4.2.6 or later, or apply the patch mentioned in the below link
http://typo3.org/teams/security/security-bulletins/typo3-core/TYPO3-SA-2009-002/
Insight
Multiple error exists in the application,
- An error exist in jumpUrl mechanism, which will disclose a hash secret.
- An error exist in backend user interface, which fails to validate user supplied input properly.
Affected
TYPO3 versions 3.3.x, 3.5.x, 3.6.x, 3.7.x, 3.8.x, 4.0 to 4.0.11, 4.1.0 to 4.1.9, 4.2.0 to 4.2.5, 4.3alpha1
Detection
Send a Crafted HTTP GET request and check whether it is able to fetch a remote file.
References
Severity
Classification
-
CVE CVE-2009-0815, CVE-2009-0816 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
- Adobe ColdFusion Multiple Full Path Disclosure Vulnerabilities
- AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities
- AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities
- Aker Secure Mail Gateway Cross-Site Scripting Vulnerability