RunCMS Database Configuration Information Disclosure Vulnerability

Bugtraq ID:	12848
Class:	Design Error
CVE:	CVE-2005-0828
Remote:	Yes
Local:	No
Published:	Mar 18 2005 12:00AM
Updated:	Jul 12 2009 10:56AM
Credit:	Discovery of this vulnerability is credited to "Majid NT" <[email protected]>.
Vulnerable:	RunCMS RunCMS 1.1 E-Xoops E-Xoops 1.0 5r3
Not Vulnerable:

RunCMS Database Configuration Information Disclosure Vulnerability

RunCMS is reportedly affected by an information disclosure vulnerability. This issue is due to a failure in the application to secure sensitive information.

Exploitation of this vulnerability could lead to the disclosure of database configuration details, including the database name, user name and password.

RunCMS was formerly named E-Xoops.

RunCMS Database Configuration Information Disclosure Vulnerability

No exploit is required.

The following proof of concept is available:
http://www.example.com/[runcms]/class/debug/highlight.php?file=[runcmsinstallationpath]\mainfile.php&line=151#151

RunCMS Database Configuration Information Disclosure Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

RunCMS Database Configuration Information Disclosure Vulnerability

References:

• IHS Iran Hackers Sabotage Public advisory - Exoops (NT)
  
• RunCms Homepage (RunCms)
  
• runcms highlight.php hole ("Majid NT" )
  
• runcms highlight.php hole (Security Lists )