phpMyAdmin /libraries/select_theme.lib.php Direct Request Path Disclosure

2005-02-22T17:03:03
ID OSVDB:14376
Type osvdb
Reporter cxib8o3(cxib8o3@users.sourceforge.net)
Modified 2005-02-22T17:03:03

Description

Vulnerability Description

phpMyAdmin contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker makes a direct request to the /libraries/select_theme.lib.php script, which will disclose the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

Technical Description

This only affects installations with the "display_errors" option set to 1.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

phpMyAdmin contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker makes a direct request to the /libraries/select_theme.lib.php script, which will disclose the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

Manual Testing Notes

http://[target]/phpMyAdmin/libraries/select_theme.lib.php

Warning: main(./libraries/grab_globals.lib.php): failed to open stream: No such file or directory in /usr/local/cpanel/base/3rdparty/phpMyAdmin/libraries/select_theme.lib.php on line 34

Fatal error: main(): Failed opening required './libraries/grab_globals.lib.php' (include_path='/usr/local/cpanel/3rdparty/lib/php/:.') in /usr/local/cpanel/base/3rdparty/phpMyAdmin/libraries/select_theme.lib.php on line 34
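The error output above only reaches the client because PHP is configured to echo diagnostics (display_errors = 1). The following is an added example, not code from the phpMyAdmin project, of how a library file can be written so that a direct request neither executes it nor reveals the absolute path. The entry-point constant APP_ENTRY is an assumption made for this example; phpMyAdmin's own entry points and constants are not shown here.

```php
<?php
// Added example (not phpMyAdmin's own code): two defensive measures for a
// library file that must only ever be loaded from an application entry point.

// (a) Do not echo diagnostics to the client. This is the runtime equivalent of
//     php.ini "display_errors = Off"; the advisory notes the disclosure only
//     occurs when display_errors is on. With log_errors on, a failed include is
//     still recorded server-side, so the condition remains visible to operators.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// (b) Refuse to run unless loaded through an entry point. The entry point
//     (e.g. index.php) executes  define('APP_ENTRY', true);  before its require
//     calls. APP_ENTRY is a name assumed for this example. A direct HTTP request
//     to this file never has it defined, so the request gets a bare 404 and the
//     require below, whose failure message would contain the absolute path, is
//     never reached.
if (!defined('APP_ENTRY')) {
    http_response_code(404);
    exit;
}

// The include that produced the warning in the manual testing notes above;
// it is only reached when the file was loaded through an entry point.
require_once './libraries/grab_globals.lib.php';
```

Either measure alone closes the disclosure shown above: (a) removes the path from the response, (b) prevents the failing include from running at all. A third, independent control is to deny HTTP access to the libraries/ directory in the web server configuration so that such files are reachable only through PHP's include mechanism.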

References:

Vendor URL: http://www.phpmyadmin.net/
Vendor Specific News/Changelog Entry: http://sourceforge.net/tracker/index.php?func=detail&aid=1149383&group_id=23067&atid=377408
Vendor Specific Advisory URL
Secunia Advisory ID: 17578
Secunia Advisory ID: 14382
Related OSVDB IDs: 14374, 14378, 14375, 14381, 14382, 14387, 14388, 14380, 14385, 14386, 14377, 14379, 14383, 14384
Other Advisory URL: http://www.fitsec.com/advisories/FS-05-02.txt
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0446.html
Keyword: FS-05-02
CVE-2005-0544