[UNIX] PHP-Survey Global.INC Information Disclosure Vulnerability
From: support@securiteam.com Date: 04/29/02
From: support@securiteam.com To: list@securiteam.com Date: Mon, 29 Apr 2002 09:16:33 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
PHP-Survey Global.INC Information Disclosure Vulnerability
------------------------------------------------------------------------
SUMMARY
<http://sourceforge.net/projects/phpsurvey/> PHP-Survey, a PHP-based web
survey engine, has been found to disclose sensitive information to remote
attackers who request the 'global.inc' script via HTTP. Because the web server
has no PHP handler mapped to the '.inc' extension, the file is returned as
plain text rather than executed.
DETAILS
Vulnerable Systems:
* PHP-Survey 20000615
* PHP-Survey 20000614b
* PHP-Survey 20000614
* PHP-Survey 20000421
* PHP-Survey 20000420
* PHP-Survey prebeta-20000327
Solutions:
It has been suggested that 'global.inc' could be renamed to
'global.inc.php'. There may be references in other PHP-Survey scripts to
'global.inc', which will likely need to be changed as well.
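As an added illustration of the rename workaround (this is example code, not code from the PHP-Survey project), the listing below shows the configuration include under its new name together with a script that includes it. The constant name PHPSURVEY_ENTRY, the variable names and their values are assumptions; the include guard is an extra measure so that a direct request for the renamed file executes nothing and returns no content, while scripts that include it keep working.

```php
<?php
// --- global.inc.php (formerly global.inc) ---
// Renamed with a .php suffix so the PHP handler executes the file instead of
// the web server sending its source to the client as plain text.
//
// Include guard (added measure, not part of PHP-Survey): the including script
// defines PHPSURVEY_ENTRY before including this file. A direct HTTP request
// for /global.inc.php never defines it, so the request is refused here.
if (!defined('PHPSURVEY_ENTRY')) {
    header('HTTP/1.0 403 Forbidden');
    exit;
}

// Constructed sample settings; PHP-Survey's real variable names are not
// given in the advisory. These are exactly the values a plain-text
// global.inc would have exposed.
$db_host = 'localhost';
$db_user = 'survey_user';
$db_pass = 'example-password';
$db_name = 'survey';
?>

<?php
// --- index.php (one of the scripts that formerly did include('global.inc')) ---
// Every reference to 'global.inc' in the other scripts must be updated to the
// new file name, otherwise they fail with a missing-file error.
define('PHPSURVEY_ENTRY', true);
require_once 'global.inc.php';

// $db_host, $db_user, $db_pass and $db_name are now available to this script
// but are never sent to the browser.
echo 'Survey engine configuration loaded.';
?>
```

The guard only helps because the file now ends in `.php`; a file that the web server does not hand to PHP is served byte for byte regardless of what it contains, which is the original problem. Keeping the `<Files>` restriction described next as well means a stray `.inc` file left behind after the rename is still not served.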
An additional workaround involves configuring the web server to disallow
web access to certain file extensions. On Apache, this is accomplished
with the following configuration.
<Files *.inc>
Order allow,deny
Deny from all
</Files>
Currently the vendor has not supplied a patch for this issue.
ADDITIONAL INFORMATION
The information has been provided by <mailto:br014c1155@blueyonder.co.uk>
MOD and <mailto:jens@ing.twinwave.net> Jens Knoell.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
========================================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.