DoSePa Information Disclosure Vulnerability
BID:21149
Info
DoSePa Information Disclosure Vulnerability
| Bugtraq ID: | 21149 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 17 2006 12:00AM |
| Updated: | Nov 21 2006 11:10PM |
| Credit: | Craig Heffner <[email protected]> is credited with the discovery of this vulnerability. |
| Vulnerable: |
Anton Vlasov DoSePa 1.0.4 |
| Not Vulnerable: | |
Discussion
DoSePa Information Disclosure Vulnerability
DoSePa is prone to an information-disclosure vulnerability because it fails to properly sanitize user-supplied parameters.
An attacker can exploit this issue to retrieve arbitrary files with the privileges of the hosting webserver application. Information harvested during successful exploits will aid in further attacks.
DoSePa 1.0.4 is vulnerable to this issue; other versions may also be affected.
DoSePa is prone to an information-disclosure vulnerability because it fails to properly sanitize user-supplied parameters.
An attacker can exploit this issue to retrieve arbitrary files with the privileges of the hosting webserver application. Information harvested during successful exploits will aid in further attacks.
DoSePa 1.0.4 is vulnerable to this issue; other versions may also be affected.
Exploit / POC
DoSePa Information Disclosure Vulnerability
Attackers can exploit this issue via a web client.
The following proof-of-concept URI is available:
http://www.example.com/textview.php?file=/etc/passwd
Attackers can exploit this issue via a web client.
The following proof-of-concept URI is available:
http://www.example.com/textview.php?file=/etc/passwd
Solution / Fix
DoSePa Information Disclosure Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].