PHP-Nuke Discloses Installation Path to Remote Users
|
|
SecurityTracker Alert ID: 1005850 |
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Dec 23 2002
|
Impact: Disclosure of system information
|
Version(s): 6.0
|
Description: An information disclosure vulnerability was reported in PHP-Nuke. A remote user can determine the installation path.
A remote user can supply the following type of URL to cause the system to display the installation path:
http://target.com/modules.php?name=Your_Account&op=userinfo&uname=
|
Impact: A remote user can determine the installation path of the software.
|
Solution: No solution was available at the time of this entry.
|
Vendor URL: www.phpnuke.org/ (Links to External Site)
|
Cause: Exception handling error
|
Underlying OS: Linux (Any), UNIX (Any)
|
Reported By: "Ing. Bernardo Lopez" <bloodk@prodigy.net.mx>
|
Message History:
None.
|
Source Message Contents
|
Date: 22 Dec 2002 05:27:48 -0600
From: "Ing. Bernardo Lopez" <bloodk@prodigy.net.mx>
Subject: PHPNuke 6.0 path disclosure [again]
|
Informations :
°°°°°°°°°°°°°°
Product : PHP-Nuke
Version : 6.0 (other versions not tested jet)
Website : http://www.phpnuke.org
Problems :
- Path Disclosure
Hi all, here is other path disclosure vulneravilitie in phpnuke 6.0:
xploit:
http://target.com/modules.php?name=Your_Account&op=userinfo&uname=
If the module "your acount" is enabled (i guess ALL phpnuke users have
it enabled) and is for all user may see that url... then that bug is
enabled, if you put "your acount" as only registred/administrator
users... then nobody can create a new acount...
Any hints to correct this bug?
Also i have tested it on phpnuke.org and it is vulnerable to... other
phpnuke based's web are also vuln...
Have a nice day, and sorry by my bad english... :) also sorry by using
the header of the report of Frog Man, but i dont know which is the
correct format to send this kind of stuff.
|
|
