PHPlist pages/user.php Direct Request Path Disclosure

2005-07-27T07:50:12
ID OSVDB:18327
Type osvdb
Reporter thegreatone2176 (thegreatone2176@yahoo.com)
Modified 2005-07-27T07:50:12

Description

Vulnerability Description

PHPlist contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker makes a direct request to the pages/user.php script, which discloses the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

Technical Description

On August 05, 2005, the vendor reported that it could not reproduce the path disclosure issue in 2.8.12 (latest stable release) or the current development version.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

http://[victim]/admin/commonlib/pages/user.php

References:

Vendor URL: http://tincan.co.uk/phplist
Secunia Advisory ID: 16274
Related OSVDB ID: 18325
Related OSVDB ID: 18328
Related OSVDB ID: 18319
Related OSVDB ID: 18322
Related OSVDB ID: 18329
Related OSVDB ID: 18316
Related OSVDB ID: 18317
Related OSVDB ID: 18318
Related OSVDB ID: 18320
Related OSVDB ID: 18321
Related OSVDB ID: 18324
Related OSVDB ID: 18326
Related OSVDB ID: 18323
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-07/0487.html
CVE-2005-2433