ChurchInfo DirectoryReport.php GroupID Variable Path Disclosure

2005-08-01T08:17:46
ID OSVDB:18434
Type osvdb
Reporter thegreatone2176 (thegreatone2176@yahoo.com)
Modified 2005-08-01T08:17:46

Description

Vulnerability Description

ChurchInfo contains a flaw that may lead to unauthorized information disclosure. The issue is triggered when a remote attacker provides malformed input to the 'GroupID' variable in the DirectoryReport.php script, which discloses the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: turn the debug option off.

In versions prior to 1.2.3, the debug option is set in Include/Config.php. In version 1.2.3 and above, the debug option is set by selecting Admin -> Edit General Settings.

References:

Vendor URL: http://www.churchdb.org/
Secunia Advisory ID: 16292
Related OSVDB IDs: 18431, 18408, 18429, 18430, 18433, 18438, 18439, 18432, 18437, 18435, 18436, 18450
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-08/0007.html
ISS X-Force ID: 21648
CVE-2005-2474