Phpauction GPL index.php lan Variable Traversal Local File Inclusion

2005-07-07T13:45:26
ID OSVDB:18999
Type osvdb
Reporter OSVDB
Modified 2005-07-07T13:45:26

Description

Technical Description

Additionally, if an invalid file is requested, the resulting error message will disclose the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

Manual Testing Notes

/phpauction-gpl-2.5/index.php?lan=../put/.inc.php/file/name/here
/phpauction-gpl-2.5/admin/index.php?lan=../put/.inc.php/file/name/here
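
A detection-side check for the request pattern in the testing notes above, added here as an example and not part of the original advisory or of Phpauction. The combined access-log format, the shape of a legitimate language code, and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line of a combined-format access log entry (log format is an assumption).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# The two scripts named in the testing notes: index.php and admin/index.php.
TARGET_RE = re.compile(r'(?:^|/)(?:admin/)?index\.php$')
# Assumed shape of a legitimate language code (short alphabetic tag).
SAFE_LAN_RE = re.compile(r'[A-Za-z]{2,3}')
# Constructed sample log lines (documentation-range addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [07/Jul/2005:13:40:01 +0000] "GET /phpauction-gpl-2.5/index.php?lan=EN HTTP/1.1" 200 5120',
    '192.0.2.44 - - [07/Jul/2005:13:41:12 +0000] "GET /phpauction-gpl-2.5/index.php?lan=../put/.inc.php/file/name/here HTTP/1.1" 200 312',
    '192.0.2.44 - - [07/Jul/2005:13:41:15 +0000] "GET /phpauction-gpl-2.5/admin/index.php?lan=%252e%252e%252fput%252f.inc.php HTTP/1.1" 200 298',
    '192.0.2.10 - - [07/Jul/2005:13:42:30 +0000] "GET /phpauction-gpl-2.5/browse.php?id=4 HTTP/1.1" 200 2048',
]

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so a double-encoded '../' is still seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_lan(log_line):
    """Return the decoded lan value if it looks like path traversal, else None."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not TARGET_RE.search(url.path):
        return None
    # parse_qs decodes one layer; fully_decode strips any further layers.
    for raw in parse_qs(url.query, keep_blank_values=True).get("lan", []):
        value = fully_decode(raw).replace("\\", "/")
        if SAFE_LAN_RE.fullmatch(value):
            continue
        if ".." in value or "/" in value or "\x00" in value:
            return value
    return None

def scan(lines):
    """Return (line_number, decoded_lan) for every flagged log line."""
    hits = [(n, suspicious_lan(line)) for n, line in enumerate(lines, 1)]
    return [(n, v) for n, v in hits if v is not None]

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

Flagged requests that returned an error page are also worth reviewing for the installation-path disclosure described in the Technical Description.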

References:

Vendor URL: http://www.phpauction.org/gpl.php
Security Tracker: 1014423
Secunia Advisory ID: 15967
Related OSVDB ID: 18998
Related OSVDB ID: 18997
Related OSVDB ID: 19000
Other Advisory URL: http://digitalparadox.org/viewadvisories.ah?view=41
CVE-2005-2255