ZH2003-17SA (security advisory): geeeekShop Shopping Cart Path Disclosure

From: G00db0y (G00db0y_at_zone-h.org)
Date: 08/09/03

  • Next message: Matt Zimmerman: "[SECURITY] [DSA-369-1] New zblast packages fix buffer overflow"
    Date: 9 Aug 2003 13:28:46 -0000
    To: bugtraq@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is)

    ZH2003-17SA (security advisory): geeeekShop Shopping Cart Path Disclosure

    Published: 9 august 2003

    Released: 9 august 2003

    Name: geeeekShop Shopping Cart System

    Affected Systems: 1.4.0

    Issue: Remote attackers can know the path of the site

    Author: G00db0y@zone-h.org

    Vendor: http://www.geeeeksoft.com

    Description

    ***********

    Zone-h Security Team has discovered a flaw in geeeekShop Shopping Cart
    v1.4.0. "geeeekShop is a PHP / MySQL based shopping cart system that is
    easy enough for somebody who is new to the internet but powerful enough
    for the seasoned veteran."

    Details

    *******
     
    It's possible to make a malformed http request for many files in
    geeeekShop Shopping Cart and in doing so trigger an error.
    The resulting error message will disclose potentially sensitive
    installation
    path information to the remote attacker.

    Example:

    http://www.site.com/shop/?category=xxxxxx&parent=0&page=x&/'

    If we do a simple http request for many files in geeeekShop Shopping Cart
    we
    will have the same problem.

    Example:

    http://www.site.com/shop/php_files/site.config.php

    Solution:

    *********

    The vendor has been contacted and a patch is not yet produced.

    Suggestions:

    ************

    Filter all files.

    G00db0y - www.zone-h.org admin

    Original advisory here: http://www.zone-h.org/en/advisories/read/id=2853/


  • Next message: Matt Zimmerman: "[SECURITY] [DSA-369-1] New zblast packages fix buffer overflow"