TikiWiki tiki-browse_categories.php Path Disclosure

2004-04-11T14:03:29
ID OSVDB:5194
Type osvdb
Reporter JeiAr(jeiar@gulftech.org)
Modified 2004-04-11T14:03:29

Description

Vulnerability Description

TikiWiki contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker calls the "tiki-browse_categories.php" script with abnormal parameters, which discloses the physical path of the web server, resulting in a loss of confidentiality.

Solution Description

Upgrade to version 1.8.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
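The advisory does not say which statement in tiki-browse_categories.php fails on the unexpected parameters, so the following is an added illustration of the vulnerability class, not TikiWiki's code: a PHP script (hypothetical functions browse_vulnerable and browse_hardened, constructed query input) that uses integer query parameters without validating them, so that a malformed value makes the PHP engine emit a warning or uncaught TypeError whose text includes the absolute path of the script. The hardened variant validates the parameters and keeps engine errors out of the response.

```php
<?php
declare(strict_types=1);

// Added example (not TikiWiki's code). Assumed mechanism: arithmetic on an
// unvalidated, non-numeric query parameter. With display_errors=On the engine's
// own message ("... in /abs/path/script.php on line N") reaches the client.

/**
 * Vulnerable pattern: treat "offset" and "parentId" as numbers without checking.
 * PHP 7 emits "Warning: A non-numeric value encountered"; PHP 8 throws an
 * uncaught TypeError. Either way the rendered error names the script's path.
 */
function browse_vulnerable(array $query): string
{
    $offset   = $query['offset'] ?? '';
    $parentId = $query['parentId'] ?? '';
    $start = $offset + 0;      // fails on '' or 'abc'
    $pid   = $parentId + 0;
    return "listing categories under {$pid} from {$start}";
}

/**
 * Hardened pattern: accept only well-formed non-negative integers, answer
 * malformed input with a generic message, and log the detail server-side.
 */
function browse_hardened(array $query): string
{
    $opts     = ['options' => ['min_range' => 0]];
    $offset   = filter_var($query['offset'] ?? 0, FILTER_VALIDATE_INT, $opts);
    $parentId = filter_var($query['parentId'] ?? 0, FILTER_VALIDATE_INT, $opts);
    if ($offset === false || $parentId === false) {
        error_log('tiki-browse: rejected non-integer offset/parentId'); // server log only
        return 'Invalid request.';
    }
    return "listing categories under {$parentId} from {$offset}";
}

/**
 * Demo harness: renders engine errors the way display_errors=On would, so the
 * leak is visible from the CLI. In production set display_errors=Off and
 * log_errors=On in php.ini in addition to validating input.
 */
function run(string $label, callable $handler, array $query): void
{
    echo "== {$label} with ", json_encode($query), "\n";
    set_error_handler(function (int $no, string $msg, string $file, int $line): bool {
        echo "Warning: {$msg} in {$file} on line {$line}\n";   // path disclosed here
        return true;
    });
    try {
        echo $handler($query), "\n";
    } catch (\Throwable $e) {
        echo 'Fatal error: Uncaught ', get_class($e), ': ', $e->getMessage(),
             ' in ', $e->getFile(), ':', $e->getLine(), "\n";  // path disclosed here
    } finally {
        restore_error_handler();
    }
}

// Constructed request mirroring the advisory's parameter names with an empty offset.
$request = ['find' => '', 'deep' => 'off', 'parentId' => '7', 'offset' => ''];
run('vulnerable', 'browse_vulnerable', $request);
run('hardened',   'browse_hardened',   $request);
```

Run it with `php path-disclosure.php`: the vulnerable branch prints an error line containing the script's absolute path (the information the advisory describes as disclosed), while the hardened branch prints only "Invalid request." and writes the detail to the server's error log. Input validation fixes this one script; turning display_errors off in php.ini removes the disclosure channel for every script on the host.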

Short Description

TikiWiki contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker calls the "tiki-browse_categories.php" script with abnormal parameters, which discloses the physical path of the web server, resulting in a loss of confidentiality.

Manual Testing Notes

http://[victim]/tiki-browse_categories.php?find=&deep=off&parentId=[VID]&offset=123&sort_mode=

http://[victim]/tiki-browse_categories.php?find=&deep=off&parentId=[VID]&offset=

Where [VID] is a valid ID number.

References:

Vendor URL: http://www.tikiwiki.org/
Vendor URL: http://freshmeat.net/projects/tiki/
Vendor Specific Advisory URL
Secunia Advisory ID: 11344
Secunia Advisory ID: 13772
Other Advisory URL: http://www.gulftech.org/04112004.php