BID:24056

OPeNDAP BES File System Information Disclosure Vulnerability

Info

OPeNDAP BES File System Information Disclosure Vulnerability

Bugtraq ID:	24056
Class:	Access Validation Error
CVE:	CVE-2007-2767
Remote:	Yes
Local:	No
Published:	May 18 2007 12:00AM
Updated:	May 07 2015 05:39PM
Credit:	NCIRT labs is credited with the discovery of this issue.
Vulnerable:	OPeNDAP Hyrax 1.2 OPeNDAP BES 3.4.2 + OPeNDAP Hyrax 1.2

Not Vulnerable:	OPeNDAP Hyrax 1.2.1 OPeNDAP BES 3.5 + OPeNDAP Hyrax 1.2.1

Discussion

OPeNDAP BES File System Information Disclosure Vulnerability

OPeNDAP BES is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to view filesystem contents on an affected server. Information gained can aid in further attacks.

Versions prior to 3.5.0 are vulnerable.

Exploit / POC

OPeNDAP BES File System Information Disclosure Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

OPeNDAP BES File System Information Disclosure Vulnerability

Solution:
The vendor has released fixes to address this issue. Please see the references for more information.

OPeNDAP BES 3.4.2

OPeNDAP bes-3.5.0.tar.gz
http://www.opendap.org/pub/source/bes-3.5.0.tar.gz

References

OPeNDAP BES File System Information Disclosure Vulnerability

References:

BES Software Download Page (OPeNDAP)
Hyrax Download Page (OPeNDAP)
OPeNDAP Home Page (OPeNDAP)
OPeNDAP Security Messages (OPeNDAP)
OPeNDAP filesystem enumeration vulnerability (US-CERT)