SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Forum/Board/Portal)  >   Geeklog Vendors:   Geeklog
Geeklog Default Installation Lets Remote Users Access the Installation Script
SecurityTracker Alert ID:  1010948
SecurityTracker URL:  http://securitytracker.com/id/1010948
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Updated:  Aug 13 2004
Original Entry Date:  Aug 13 2004
Impact:   Disclosure of user information, Modification of user information
Exploit Included:  Yes  
Version(s): 1.39, possibly others
Description:   Security .Net Information (snilabs) reported a vulnerability in Geeklog. The installation software leaves the 'install' file in the 'admin' directory, which is accessible to remote users.

It is reported that a remote user can invoke the installation script with the following type of URLs:

http://[target]/admin/install/install.php
http://[target]/install/install.php

Impact:   A remote user can run the installation script.
Solution:   No solution was available at the time of this entry.

The report indicates that you should delete the script after the installation.

Vendor URL:  geeklog.sourceforge.net/ (Links to External Site)
Cause:   Configuration error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.


 Source Message Contents

Subject:  Geeklog Default Installation May Disclose Installation Files to Remote Users


Security .Net Information (snilabs) Advisore:

A bug has encountred in Geeklog 1.39 possibly other versions. Default
Installation May Disclose Installation Files to Remote Users , exactly
in script install located in /admin/install.

A remote user can execute install script with permissions admin, the
directory containing the installation script is accessible to remote
users. The script itself can be executed.

example : xploit:

http://www.vulnerable.com/admin/install/install.php
http://www.vulnerable.com/install/install.php

Solution: 

Delete the script after the installation.

Greetz: friends #reflux

snilabs: sbnilabs@gmail.com radiarx.oceanius.com #sni-labs

 -- 
radiarx.oceanius.com  #sni-labs  #reflux
Security .Net Information
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC