you've must have got a phpinfo() page running somewhere .... you can grep your www directory for that one ...
JJ On 9/12/07, Arend P. van der Veen <[EMAIL PROTECTED]> wrote: > > Wade Chandler wrote: > > Does it give you any paths to this PHP application? I haven't seen > anything like it from scanners > > on my server. > > > > Wade > > > > --- "Arend P. van der Veen" <[EMAIL PROTECTED]> wrote: > > > >> Hi, > >> > >> I recently setup a server using Tomcat 5.5 on FreeBSD 6.2. I thought I > >> had everything locked down. > >> > >> I run a nessus scan and found a strange Vulnerability. It says that > states: > >> > >> The remote web server contains a PHP application that is affected by > >> multiple vulnerabilities. > >> > >> I am not using PHP. Has anyone else seen this? > >> > >> Thanks, > >> Arend > >> > >> --------------------------------------------------------------------- > >> To start a new topic, e-mail: users@tomcat.apache.org > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > > > > > > --------------------------------------------------------------------- > > To start a new topic, e-mail: users@tomcat.apache.org > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > Hi Wade, > > I have tomcat sitting on 127.0.0.1:8080 (http) and 127.0.0.1:8081 > (https) and use ipfw to forward from port 80 and 443 respectively. Could > this part of my problem? I am wondering if this is some kind of false > positive. Following is an excerpt from the Nessus Scan Report: > > ****************************************************************** > Synopsis : > > The remote web server contains a PHP application that is affected by > multiple vulnerabilities. > > Description : > > The remote host is running phpSysInfo, a PHP application that parses > the /proc entries on Linux/Unix systems and displays them in HTML. > > The installed version of phpSysInfo on the remote host has a design > flaw in its globalization layer such that the script's variables can > be overwritten independent of PHP's 'register_globals' setting. By > exploiting this issue, an attacker may be able to read arbitrary files > on the remote host (if PHP's 'magic_quotes_gpc' setting is off) and > even execute arbitrary PHP code, both subject to the privileges of the > web server user id. > > In addition, the application fails to sanitize user-supplied input > before using it in dynamically-generated pages, which can be used to > conduct cross-site scripting and HTTP response splitting attacks. > > See also : > > http://www.hardened-php.net/advisory_222005.81.html > > Solution : > > Upgrade to phpSysInfo 2.4.1 or later. > > Risk factor : > > Low / CVSS Base Score : 2.3 > (AV:R/AC:L/Au:NR/C:N/I:P/A:N/B:N) > CVE : CVE-2003-0536, CVE-2005-0870, CVE-2005-3347, CVE-2005-3348 > BID : 7286, 15396, 15414 > Nessus ID : 20215 > *********************************************************************** > > Thanks, > Arens > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
