alwaysdata All Projects: Tasklist

	ID	Status	Summary	Opened by
	~~140~~	Closed	~~Sensitive Information Disclosure via Exposed phpinfo Pa~~ ...	zeusvuln	Task Description Summary: An accessible phpinfo page at https://net2ftp.alwaysdata.com/skins/php.php discloses detailed configuration information about the PHP environment. This information can be leveraged by attackers to identify potential vulnerabilities, misconfigurations, and outdated software components. Details: PHP Version: 5.6.40 System Information: Operating System: Linux (kernel version 6.6.30-alwaysdata) Server API: CGI/FastCGI Configuration Exposure: Paths to configuration files (php.ini) and directories Enabled/disabled PHP functions and security settings (e.g., disable_functions, open_basedir) Loaded extensions and their versions Environment details such as server API and build dates Steps to Reproduce: Navigate to the URL: https://net2ftp.alwaysdata.com/skins/php.php Observe that the page displays comprehensive PHP configuration details. Impact: Information Disclosure: The exposed details provide attackers with insights into the server configuration, which could be used to tailor further attacks. Risk of Exploitation: -Identification of outdated software (PHP 5.6.40 is no longer supported and may have known vulnerabilities). -Knowledge of disabled functions and active extensions can assist in formulating targeted exploitation strategies (e.g., leveraging known vulnerabilities in specific extensions or misconfigurations). -Potential Follow-on Attacks: While phpinfo itself is not a direct vulnerability, the information disclosed could aid in other attacks, such as Local File Inclusion (LFI) or Remote Code Execution (RCE), if combined with other weaknesses. Severity: Risk Level: High the server also runs outdated or unpatched components and the phpinfo page is publicly accessible without any authentication or access control. Recommendations: -Restrict Access: Remove or restrict access to the phpinfo page from the public internet. Consider using authentication or IP whitelisting if the page is needed for internal diagnostics. -Update PHP: Upgrade to a supported and secure version of PHP to mitigate potential exploits that target known vulnerabilities in PHP 5.6.40. -Harden Configuration: Ensure that sensitive functions (e.g., exec(), shell_exec()) are disabled if not necessary. Review and adjust settings such as open_basedir to limit access to the file system.

~~140~~

Closed

~~Sensitive Information Disclosure via Exposed phpinfo Pa~~ ...

Task Description

Summary:
An accessible phpinfo page at https://net2ftp.alwaysdata.com/skins/php.php discloses detailed configuration information about the PHP environment. This information can be leveraged by attackers to identify potential vulnerabilities, misconfigurations, and outdated software components.

Details:

PHP Version: 5.6.40
System Information:
Operating System: Linux (kernel version 6.6.30-alwaysdata)
Server API: CGI/FastCGI
Configuration Exposure:
Paths to configuration files (php.ini) and directories
Enabled/disabled PHP functions and security settings (e.g., disable_functions, open_basedir)
Loaded extensions and their versions
Environment details such as server API and build dates
Steps to Reproduce:
Navigate to the URL: https://net2ftp.alwaysdata.com/skins/php.php Observe that the page displays comprehensive PHP configuration details.
Impact:
Information Disclosure: The exposed details provide attackers with insights into the server configuration, which could be used to tailor further attacks.
Risk of Exploitation:
-Identification of outdated software (PHP 5.6.40 is no longer supported and may have known vulnerabilities).
-Knowledge of disabled functions and active extensions can assist in formulating targeted exploitation strategies (e.g., leveraging known vulnerabilities in specific extensions or misconfigurations).
-Potential Follow-on Attacks: While phpinfo itself is not a direct vulnerability, the information disclosed could aid in other attacks, such as Local File Inclusion (LFI) or Remote Code Execution (RCE), if combined with other weaknesses.
Severity:
Risk Level: High the server also runs outdated or unpatched components and the phpinfo page is publicly accessible without any authentication or access control.
Recommendations:
-Restrict Access:
Remove or restrict access to the phpinfo page from the public internet. Consider using authentication or IP whitelisting if the page is needed for internal diagnostics.
-Update PHP:
Upgrade to a supported and secure version of PHP to mitigate potential exploits that target known vulnerabilities in PHP 5.6.40.
-Harden Configuration:
Ensure that sensitive functions (e.g., exec(), shell_exec()) are disabled if not necessary.
Review and adjust settings such as open_basedir to limit access to the file system.

Showing tasks 1 - 1 of 1 Page 1 of 1

All Projects

Available keyboard shortcuts

Tasklist

Task Details

Task Editing