BID:24039

PsychoStats Server.PHP Path Disclosure Vulnerability

Info

PsychoStats Server.PHP Path Disclosure Vulnerability

Bugtraq ID:	24039
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2007-2780
Remote:	Yes
Local:	No
Published:	May 17 2007 12:00AM
Updated:	Jun 27 2007 08:28PM
Credit:	kefka <[email protected]> discovered this issue.
Vulnerable:	PsychoStats PsychoStats 2.3 beta PsychoStats PsychoStats 2.2.4 beta PsychoStats PsychoStats 2.2.2 beta PsychoStats PsychoStats 2.2.1 beta PsychoStats PsychoStats 2.2 beta PsychoStats PsychoStats 2.1 beta PsychoStats PsychoStats 2.0.1 beta PsychoStats PsychoStats 2.0 beta PsychoStats PsychoStats 3.0.6b

Not Vulnerable:

Discussion

PsychoStats Server.PHP Path Disclosure Vulnerability

PsychoStats is prone to a path-disclosure issue when invalid data is submitted.

Exploiting this issue can allow an attacker to access sensitive data that may be used to launch further attacks against a vulnerable computer.

PsychoStats 3.0.6b and prior versions are vulnerable to this issue.

Exploit / POC

PsychoStats Server.PHP Path Disclosure Vulnerability

No exploit is required.

The following proof-of-concept URI was supplied:

http://www.example.com/[path]/server.php?newcss=styles.css&newtheme=%00

Solution / Fix

PsychoStats Server.PHP Path Disclosure Vulnerability

Solution:
The vendor has released a fix to address this issue; please see the reference section for details.

PsychoStats PsychoStats 3.0.6b

PsychoStats PsychoStats 3.0.6b fix
http://www.psychostats.com/forums/index.php?s=038d67e9c41c5f1b3f538bba 4ff7ffd8&act=attach&type=post&id=319

References

PsychoStats Server.PHP Path Disclosure Vulnerability

References:

PsychoStats Home Page (PsychoStats)
PsychoStats Server.PHP Path Disclosure Vulnerability, PS 2 & 3 vulnerability (PsychoStats )