ID de Prueba:	1.3.6.1.4.1.25623.1.0.56643
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: phpwebftp
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: phpwebftp CVE-2006-1812 phpWebFTP 3.2 and earlier stores script.js under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. CVE-2006-1813 Directory traversal vulnerability in index.php in phpWebFTP 3.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the language parameter. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-1812 BugTraq ID: 17557 http://www.securityfocus.com/bid/17557 Bugtraq: 20060417 PhpWebFTP 3.2 Login Script (Google Search) http://www.securityfocus.com/archive/1/431115/100/0/threaded http://secunia.com/advisories/19706 XForce ISS Database: phpwebftp-scriptjs-obtain-information(25921) https://exchange.xforce.ibmcloud.com/vulnerabilities/25921 Common Vulnerability Exposure (CVE) ID: CVE-2006-1813 http://securityreason.com/securityalert/723 http://www.vupen.com/english/advisories/2006/1388 XForce ISS Database: phpwebftp-index-directory-traversal(25920) https://exchange.xforce.ibmcloud.com/vulnerabilities/25920
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.