PostNuke FAQ Module Path Disclosure

2004-04-19T08:30:31
ID OSVDB:5517
Type osvdb
Reporter Lorenzo Hernandez Garcia (novappc@novappc.com)
Modified 2004-04-19T08:30:31

Description

Vulnerability Description

PostNuke contains a flaw that may lead to unauthorized information disclosure. The issue is triggered by a specially crafted HTTP request, which discloses the full local path of the web content, resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: disable the display_errors directive in the PHP configuration file (php.ini).
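
The workaround above as a php.ini fragment. This is an added example, not part of the original advisory; the display_startup_errors and logging lines go beyond the advisory's single directive, and the log path is a placeholder.

```ini
; Setting that exposes the issue: PHP writes warnings and errors,
; including full filesystem paths, into the HTTP response.
;display_errors = On

; Workaround from the advisory: do not send errors to the client.
display_errors = Off

; Assumption (not in the advisory): also suppress errors raised
; during PHP startup, which are controlled separately.
display_startup_errors = Off

; Assumption (not in the advisory): keep errors in a server-side log
; so administrators can still see them.
log_errors = On
; Placeholder path; use a location outside the web root that the
; web server user can write to.
error_log = /var/log/php/error.log
```

Reload the web server or PHP handler after the change so the new values take effect.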


Manual Testing Notes

http://[victim]/modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat= `[RANDOM CHARACTERS]

References:

Vendor URL: http://www.postnuke.com/
Security Tracker: 1006847
Secunia Advisory ID: 11406
Related OSVDB ID: 5516
Related OSVDB ID: 5520
Related OSVDB ID: 5521
Related OSVDB ID: 5497
Related OSVDB ID: 5496
Related OSVDB ID: 5515
Related OSVDB ID: 5518
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/1211.html
ISS X-Force ID: 12188
Bugtraq ID: 7693