LinPHA info.php System Information Disclosure

2004-09-22T07:41:11
ID OSVDB:23393
Type osvdb
Reporter OSVDB
Modified 2004-09-22T07:41:11

Description

Vulnerability Description

LinPHA contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote unauthenticated attacker requests the info.php file, which invokes the phpinfo() function. This will reveal a wide variety of system information that may assist in further, more focused attacks.

Short Description

LinPHA contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote unauthenticated attacker requests the info.php file, which invokes the phpinfo() function. This will reveal a wide variety of system information that may assist in further, more focused attacks.

References:

Vendor URL: http://linpha.sf.net/ Vendor Specific News/Changelog Entry: http://cvs.sourceforge.net/viewcvs.py/linpha/linpha/ChangeLog?view=markup