[Full-disclosure] Information Disclosure Vulnerabilities in "phpMyAdmin"
- To: bugs@xxxxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, news@xxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx, vuln@xxxxxxxxxxx
- Subject: [Full-disclosure] Information Disclosure Vulnerabilities in "phpMyAdmin"
- From: Tal Argoni <moskito@xxxxxxxxxx>
- Date: Tue, 02 Jan 2007 19:23:45 +0200
Thanks in advance,
Tal Argoni,CEH
www.zion-security.com
·= Security Advisory =·
Issue: Remote Information Disclosure Vulnerabilities in "phpMyAdmin".
Discovered Date: 02/01/2007
Author: Tal Argoni. [talargoni at gmail.com]
Product Vendor: http://www.phpmyadmin.net/
Details:
phpMyAdmin is prone to an Information Disclosure.
The vulnerability exists in the "darkblue_orange" visual theme and is
caused by poor configuration: the theme's include file can be requested directly.
By requesting the file
http://www.example.com/phpMyAdmin/themes/darkblue_orange/layout.inc.php
PHP returns a Fatal error that discloses the full path of
the file on the server.
Exploitation URL:
http://www.example.com/phpMyAdmin/themes/darkblue_orange/layout.inc.php
Vulnerable: phpMyAdmin v2.9.1.1
Solution:
Go to line 33 of the file and comment out the line:
//$GLOBALS['cfg']['MainBackground']....;
Proof Of Concept:
http://www.example.com/phpMyAdmin/themes/darkblue_orange/layout.inc.php
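Two defender-side checks for the issue described above, added here as an example and not part of the original advisory or of phpMyAdmin: a scan of Apache combined-format access log lines for direct requests to *.inc.php include files, and a check of a captured response body for the PHP error format that leaks a server path. The log lines, response body and paths other than the advisory's own URL are constructed samples.

```python
import re
from typing import List, Tuple

# Constructed sample of Apache "combined" log lines (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [02/Jan/2007:19:23:45 +0200] "GET /phpMyAdmin/index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [02/Jan/2007:19:23:50 +0200] "GET /phpMyAdmin/themes/darkblue_orange/layout.inc.php HTTP/1.1" 200 412 "-" "Mozilla/5.0"
198.51.100.7 - - [02/Jan/2007:19:24:01 +0200] "GET /phpMyAdmin/themes/darkblue_orange/img/logo.png HTTP/1.1" 200 3000 "-" "Mozilla/5.0"
203.0.113.5 - - [02/Jan/2007:19:24:10 +0200] "GET /phpMyAdmin/themes/example_theme/layout.inc.php?x=1 HTTP/1.1" 500 0 "-" "curl/7.16"
"""

# Client, timestamp, request line and status of a combined-format entry.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3}) '
)

def find_direct_include_requests(log_text: str) -> List[Tuple[str, str, int]]:
    """Return (client, path, status) for every request that fetches a *.inc.php
    file directly. Such files exist only to be included by other scripts, so a
    direct request is either probing or a misconfiguration worth reviewing."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group('path').split('?', 1)[0]  # ignore any query string
        if path.lower().endswith('.inc.php'):
            hits.append((m.group('ip'), path, int(m.group('status'))))
    return hits

# PHP's error line: "<type>: <message> in /abs/path/file.php on line N".
PATH_DISCLOSURE_RE = re.compile(
    r'(Fatal error|Warning|Notice):.*? in (?P<file>/[^\s<]+\.php) on line \d+'
)

def disclosed_paths(response_body: str) -> List[str]:
    """Return absolute server paths leaked by PHP error output in a response.
    HTML tags are stripped first so html_errors=On output is handled too."""
    text = re.sub(r'<[^>]+>', '', response_body)
    return [m.group('file') for m in PATH_DISCLOSURE_RE.finditer(text)]

# Constructed response body in PHP's html_errors format (the message is invented).
SAMPLE_BODY = ("<br />\n<b>Fatal error</b>:  example message in "
               "<b>/var/www/html/phpMyAdmin/themes/darkblue_orange/layout.inc.php</b>"
               " on line <b>33</b><br />\n")
```

Run against your own server's logs and a response you captured yourself; an empty result from `disclosed_paths` after applying the fix, together with `display_errors` turned off, confirms the path is no longer exposed.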