Geeklog /layout/professional/functions.php Direct Request Path Disclosure

2006-05-28T09:35:07
ID OSVDB:26003
Type osvdb
Reporter OSVDB
Modified 2006-05-28T09:35:07

Description

Solution Description

Upgrade to version 1.3.11sr6, 1.4.0sr3 or higher, as these releases have been reported to fix this vulnerability. An upgrade is required, as there are no known workarounds.

Manual Testing Notes

http://[target]/geeklog/layout/professional/functions.php

References:

Vendor URL: http://www.geeklog.net
Vendor Specific News/Changelog Entry: http://www.geeklog.net/article.php/geeklog-1.4.0sr3
Secunia Advisory ID: 20316
Related OSVDB ID: 26005
Related OSVDB ID: 26004
Related OSVDB ID: 26006
Other Advisory URL: http://kapda.ir/advisory-336.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-05/0648.html
Keyword: KAPDA::#45
FrSIRT Advisory: ADV-2006-2050
CVE-2006-2698
Bugtraq ID: 18154