ownCloud PHP Session Files Information Disclosure Vulnerability
BID:69024
Info
ownCloud PHP Session Files Information Disclosure Vulnerability
| Bugtraq ID: | 69024 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 03 2014 12:00AM |
| Updated: | Aug 03 2014 12:00AM |
| Credit: | Senderek Web Security |
| Vulnerable: |
ownCloud ownCloud 7.0 ownCloud ownCloud 6.0.4 ownCloud ownCloud 6.0.1 ownCloud ownCloud 5.0.11 ownCloud ownCloud 5.0.10 ownCloud ownCloud 5.0.8 ownCloud ownCloud 5.0.7 ownCloud ownCloud 6.0.3 ownCloud ownCloud 6.0.2 ownCloud ownCloud 6.0.0a ownCloud ownCloud 6.0.0 ownCloud ownCloud 5.0.9 ownCloud ownCloud 5.0.17 ownCloud ownCloud 5.0.16 ownCloud ownCloud 5.0.15 ownCloud ownCloud 5.0.14 A ownCloud ownCloud 5.0.14 ownCloud ownCloud 5.0.13 ownCloud ownCloud 5.0.12 |
| Not Vulnerable: | |
Discussion
ownCloud PHP Session Files Information Disclosure Vulnerability
ownCloud is prone to an information-disclosure vulnerability.
Attackers can leverage this issue to gain access to sensitive information. Information obtained may aid in further attacks.
ownCloud 5.0.7 through versions 7.0.0 are vulnerable.
ownCloud is prone to an information-disclosure vulnerability.
Attackers can leverage this issue to gain access to sensitive information. Information obtained may aid in further attacks.
ownCloud 5.0.7 through versions 7.0.0 are vulnerable.
Exploit / POC
ownCloud PHP Session Files Information Disclosure Vulnerability
Attackers can use a browser to exploit this issue.
Attackers can use a browser to exploit this issue.
Solution / Fix
ownCloud PHP Session Files Information Disclosure Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].