Invision Power Board index.php Path Disclosure

2004-07-21T04:07:01
ID OSVDB:8118
Type osvdb
Reporter Electrobug()
Modified 2004-07-21T04:07:01

Description

Vulnerability Description

Invision Power Board contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when a crafted http request is sent to index.php, which will disclose path information via an error message, resulting in a loss of confidentiality.

Solution Description

Currently, there are no known Vendor supplied upgrades, patches, or workarounds available to correct this issue.

Short Description

Invision Power Board contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when a crafted http request is sent to index.php, which will disclose path information via an error message, resulting in a loss of confidentiality.

References:

Secunia Advisory ID:12105 Related OSVDB ID: 8117 ISS X-Force ID: 16756