e107 footer_default.php Direct Request Path Disclosure

2005-06-12T08:07:15
ID OSVDB:17616
Type osvdb
Reporter Marc Ruef (marc.ruef@computec.ch)
Modified 2005-06-12T08:07:15

Description

Vulnerability Description

e107 contains a flaw that may lead to unauthorized information disclosure. The issue is triggered when a remote attacker makes a request directly to the footer_default.php script, which discloses the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

Technical Description

OSVDB testing revealed the vulnerability in only three of the default theme scripts, not all as the original advisory stated.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

http://<server>/<e107_path>/e107_themes/templates/footer_default.php

References:

Vendor URL: http://www.e107.org
Secunia Advisory ID: 15733
Related OSVDB ID: 17569
Related OSVDB ID: 17570
Related OSVDB ID: 17571
Related OSVDB ID: 17617
Related OSVDB ID: 17572
Related OSVDB ID: 17573
Nessus Plugin ID: 18222
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-06/0141.html
Bugtraq ID: 13974