Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:2138 |
Message | WEB-MISC logicworks.ini access |
Summary | This event is generated when an attempt is made to access a configuration file for the php application Web-ERP. |
Impact | Information disclosure. |
Detailed Information | This event indicates that an attempt has been made to access a configuration file for the php application Web-ERP. Versions of the web based accounting system Web-ERP do not sufficiently protect the application configuration files. This could lead to sensitive information being disclosed to an unauthorized user. This rule generates an event if a request is made for the configuration file "logicworks.ini". |
Affected Systems | Web-ERP Web-ERP 0.1.4 |
Attack Scenarios | An attacker can gain access to the application configuration by making a simple web request. The attacker might then use the information in further attacks against the host. |
Ease of Attack | Simple. No exploit software required. |
Corrective Action | Upgrade to the latest non-affected version of the software. |
Additional References | |
Rule References | bugtraq: 6996 nessus: 11639 |
--
DID:287050
--
http://www.aanval.com/