[<prev] [next>] [day] [month] [year] [list]
Message-ID: <001d01c3fae5$751cc3a0$0b3016ac@fucku>
Date: Tue, 24 Feb 2004 16:49:43 +0200
From: "Rafel Ivgi, The-Insider" <theinsider@....net.il>
To: "bugtraq" <bugtraq@...urityfocus.com>
Cc: "securitytracker" <bugs@...uritytracker.com>,
"SecurITeam News" <news@...uriteam.com>
Subject: BadBlue 2.4 Local Path Disclosure By phptest.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Software: BadBlue
Vendor: http://www.BadBlue.com
Versions: 2.4
Platforms: Windows
Bug: Local Path Disclosure By phptest.php
Risk: Low
Exploitation: Remote with browser
Date: 22 Jan 2004
Author: Rafel Ivgi, The-Insider
e-mail: the_insider@...l.com
web: http://theinsider.deep-ice.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1) Introduction
2) Bug
3) The Code
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
===============
1) Introduction
===============
BadBlue Edition is the first practical collaboration server
for businesses of any size... its powerful Office file sharing
works over the web: remote users only need browsers to view
files (even Word, Excel and Access). Full-text search is also
supported. Search, share, transfer files securely with colleagues.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
======
2) Bug
======
Upon reffering to http://<host>/phptest.php the source code
of the html contains the local path of the server on the machine.
"If you would like to edit or examine this file to see how it
works, open the file <font color=blue>phptest.php</font> in the
BadBlue installation folder (usually this is
<font color=#888888>c:\program files\badblue\pe\phptest.php</font>)."
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
===========
3) The Code
===========
http://<host>/phptest.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
---
Rafel Ivgi, The-Insider
http://theinsider.deep-ice.com
"Things that are unlikeable, are NOT impossible."
Powered by blists - more mailing lists