paFileDB auth.php Path Disclosure

2005-03-12T22:27:18
ID OSVDB:16818
Type osvdb
Reporter sp3x(sp3x@securityreason.com)
Modified 2005-03-12T22:27:18

Description

Vulnerability Description

paFileDB contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by providing invalid input to the 'tuser' variable of the 'auth.php' script, which will reveal the installation path resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

http://[target]/[pafiledb_dir]/includes/team/auth.php?tuser=[something]
http://[target]/[pafiledb_dir]/includes/admin/auth.php?user=[something]

References:

Vendor URL: http://www.phparena.net/
Security Tracker: 1013425
Related OSVDB ID: 16819
Related OSVDB ID: 16822
Related OSVDB ID: 16820
Related OSVDB ID: 16821
Related OSVDB ID: 16823
Nessus Plugin ID: 17327
Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=111066293914977&w=2
ISS X-Force ID: 19633
CVE-2005-0780