FarsiNews index.php Malformed archive Variable Path Disclosure

2006-02-10T07:52:00
ID OSVDB:23020
Type osvdb
Reporter Hamid Ebadi (admin@hamid.ir)
Modified 2006-02-10T07:52:00

Description

Vulnerability Description

FarsiNews contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker sets the 'archive' variable in index.php to an invalid value, which causes the application to disclose its installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

Solution Description

Upgrade to version 2.5.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Manual Testing Notes

http://[target]/index.php?archive=hamid

References:

Vendor URL: http://www.farsinewsteam.com/
Vendor Specific News/Changelog Entry: http://forum.farsinewsteam.com/index.php?showtopic=71
Vendor Specific News/Changelog Entry: http://forum.farsinewsteam.com/index.php?showtopic=76
Secunia Advisory ID: 18768
Related OSVDB ID: 23021
Related OSVDB ID: 23022
Other Advisory URL: http://www.hamid.ir/security/farsinews2-5.txt
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-02/0156.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-04/0277.html
FrSIRT Advisory: ADV-2006-0506
CVE-2006-0660
Bugtraq ID: 16580