Summary
This host is installed with XAMPP and is prone to an arbitrary file download vulnerability.
Impact
Successful exploitation will allow a remote attacker to manipulate the file and execute arbitrary script or HTML code.
Impact Level: Application
Solution
Upgrade to version 1.8.2 or later. For updates refer to http://sourceforge.net/projects/xampp
Insight
The flaw is due to the /xampp/lang.php script not properly handling the WriteIntoLocalDisk method, i.e. granting write access to the lang.tmp file to unprivileged users.
Affected
XAMPP version 1.8.1. Prior versions may also be affected.
Detection
Send a crafted HTTP GET request and check whether it is able to write data into a local file.
Severity
CVSS Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Classification
CVE: CVE-2013-2586