Test ID:	1.3.6.1.4.1.25623.1.0.100161
Category:	Web application abuses
Title:	NotFTP 'config.php' Local File Include Vulnerability
Summary:	Determine if NotFTP is vulnerable to Local File Include
Description:	Overview: NotFTP is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute arbitrary local files in the context of the webserver process. This may aid in further attacks. NotFTP 1.3.1 is vulnerable other versions may also be affected. See also: http://www.securityfocus.com/bid/34636
Cross-Ref:	BugTraq ID: 34636 Common Vulnerability Exposure (CVE) ID: CVE-2009-1407 http://www.milw0rm.com/exploits/8504 http://www.securityfocus.com/bid/34636 XForce ISS Database: notftp-config-file-include(49988) http://xforce.iss.net/xforce/xfdb/49988
Copyright	This script is Copyright (C) 2009 Greenbone Networks GmbH

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: