RediCart smart.cfg Configuration Information Disclosure

2004-11-24T11:21:00
ID OSVDB:12117
Type osvdb
Reporter Cassiopeia()
Modified 2004-11-24T11:21:00

Description

Vulnerability Description

RediCart contains a flaw that may lead to an unauthorized information disclosure. The issue caused by the smart.cfg configuration file being located in the same directory as the CGI scripts, which will disclose configuration information resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

RediCart contains a flaw that may lead to an unauthorized information disclosure. The issue caused by the smart.cfg configuration file being located in the same directory as the CGI scripts, which will disclose configuration information resulting in a loss of confidentiality.

References:

Vendor URL: http://www.redi-check.com/redicart/ Security Tracker: 1012306 Secunia Advisory ID:13301 ISS X-Force ID: 18219 CVE-2004-2448