Savane Front End index.php Arbitrary File Read

2003-01-18T02:31:23
ID OSVDB:7459
Type osvdb
Reporter Lewis Collard(lewis@zquack.net)
Modified 2003-01-18T02:31:23

Description

Vulnerability Description

Savane (formerly Savannah) contains a flaw related to the 'index.php' script that may allow a remote attacker to read arbitrary files. No further details have been provided.

Solution Description

Contact the vendor for an appropriate upgrade. An upgrade is required as there are no known workarounds.

Short Description

Savane (formerly Savannah) contains a flaw related to the 'index.php' script that may allow a remote attacker to read arbitrary files. No further details have been provided.

References:

Vendor URL: https://gna.org/projects/savane Vendor Specific Advisory URL