[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20051102172806.26683.qmail@web51001.mail.yahoo.com>
Date: Wed, 2 Nov 2005 09:28:05 -0800 (PST)
From: alireza hassani <trueend5@...oo.com>
To: bugtraq@...urityfocus.com
Subject: Mambo Open Source, Path disclosure
[KAPDA::#11] - Mambo Open Source, Path disclosure
KAPDA New advisory
Vendor: http://www.mamboserver.com
Vulnerable Versions: 4.5.2.3 , 4.5.2.2 , 4.5.2.1
,4.5.2
Bug: path disclosure
Exploitation: Remote with browser
Discussion:
--------------------
Mambo is a feature-rich dynamic portal engine/content
management tool capable of building sites from several
pages to several thousand. Mambo uses PHP/MySQL and
features a very comprehensive admin manager.
Vulnerability:
--------------------
A remote user can supply a specially crafted URL to
cause the system to display an error message that
discloses the installation path and other data.
Bug exists in "content.php" (Content Component of
mambo)
Demonstration URL :
--------------------
http://www.example.com/mambo/index.php?option=com_content&task=section&id=1&Itemid=PATH
Solution:
--------------------
There is no vendor-supplied patch for this issue at
this time but we are not advising you to upgrade to
Joomla because Mambo, version 4.5.3, will be released
soon ( by the end of November this year).
4.5.3 represents the new Teamâs first consolidation
of bug fixes and includes a number of security
enhancements.
More Detail:
--------------------
Original advisory:
http://irannetjob.com/content/view/153/28/
Farsi distribution of mambo: http://www.mambo.ir
Credit :
--------------------
Discovered & released by trueend5 (trueend5 kapda ir)
Security Science Researchers Institute Of Iran
[http://www.KAPDA.ir]
__________________________________
Yahoo! FareChase: Search multiple travel sites in one click.
http://farechase.yahoo.com
Powered by blists - more mailing lists