BackupBuddy 'importbuddy.php' Information Disclosure Vulnerability
BID:58657
Info
BackupBuddy 'importbuddy.php' Information Disclosure Vulnerability
| Bugtraq ID: | 58657 |
| Class: | Design Error |
| CVE: |
CVE-2013-2741 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 24 2013 12:00AM |
| Updated: | Apr 04 2013 12:58PM |
| Credit: | robarmstrong.te71 |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
BackupBuddy 'importbuddy.php' Information Disclosure Vulnerability
BackupBuddy is prone to an information-disclosure vulnerability.
An attacker can exploit this issue to access backup files that contain sensitive information. Information harvested may aid in launching further attacks.
BackupBuddy 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 are vulnerable; other versions may also be affected.
BackupBuddy is prone to an information-disclosure vulnerability.
An attacker can exploit this issue to access backup files that contain sensitive information. Information harvested may aid in launching further attacks.
BackupBuddy 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 are vulnerable; other versions may also be affected.
Exploit / POC
BackupBuddy 'importbuddy.php' Information Disclosure Vulnerability
An attacker can exploit this issue through a browser.
An attacker can exploit this issue through a browser.
Solution / Fix
BackupBuddy 'importbuddy.php' Information Disclosure Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
BackupBuddy 'importbuddy.php' Information Disclosure Vulnerability
References:
References: