VID: 210087
Severity: 30
Port: 80, ...
Protocol: TCP
Class: CGI
Detailed Description:
CuteNews is vulnerable to an information disclosure vulnerability in the 'search.php' script. CutePHP CuteNews is freely available PHP-based news management software that stores its database in flat files. CuteNews version 1.4.5 and earlier versions are vulnerable to information disclosure caused by improper validation of user-supplied input passed to the 'files_arch[]' array in the 'search.php' script. Regardless of PHP's 'register_globals' setting, a remote attacker could exploit this vulnerability to determine whether arbitrary files exist on the affected host, or to search those files for arbitrary text (such as user-authentication credentials), which may lead to further attacks.
* References:
  http://www.securityfocus.com/archive/1/485485/30/0/threaded
  http://www.milw0rm.com/exploits/4779
  http://secunia.com/advisories/28202/
* Platforms Affected: CutePHP CuteNews version 1.4.5 and earlier versions; any operating system; any version
Recommendation:
No upgrade or patch available as of January 2008.
Upgrade to a version of CuteNews greater than 1.4.5 when a fixed version becomes available from the CutePHP Web site at http://cutephp.com/cutenews/
As a workaround, edit the source code to ensure that input is properly verified.
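As an illustration of the workaround, the following is an added example (not code from CuteNews or CutePHP) of an allowlist check for the 'files_arch[]' parameter: each entry must match the expected archive file name and must resolve to a file inside the archive directory, so the search can no longer be pointed at arbitrary files. The archive directory, the ".news.arch" naming pattern and reading the parameter from $_POST are assumptions.

```php
<?php
// Added example, not CuteNews' own code. Directory name, file-name pattern
// and the $_POST source are assumptions, not taken from CuteNews 1.4.5.

define('ARCHIVE_DIR', __DIR__ . '/data/archives'); // assumed location of the archive flat files

/**
 * Return only those entries of $files_arch that name an existing archive
 * file directly inside ARCHIVE_DIR. Anything else (absolute paths, "../",
 * null bytes, non-archive files, non-string values) is dropped.
 */
function filter_files_arch($files_arch)
{
    if (!is_array($files_arch)) {
        return array();
    }
    $base = realpath(ARCHIVE_DIR);
    if ($base === false) {
        return array(); // archive directory missing: nothing is searchable
    }
    $allowed = array();
    foreach ($files_arch as $name) {
        // First check: a plain archive identifier only (assumed scheme:
        // digits plus ".news.arch"). This rejects any path separator outright.
        if (!is_string($name) || !preg_match('/^[0-9]{1,12}\.news\.arch$/', $name)) {
            continue;
        }
        // Second check: the resolved path must still lie inside ARCHIVE_DIR
        // and must be a regular file (guards against symlinks pointing elsewhere).
        $path = realpath($base . DIRECTORY_SEPARATOR . $name);
        if ($path === false
            || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0
            || !is_file($path)) {
            continue;
        }
        $allowed[] = $name;
    }
    return $allowed;
}

// Usage in search.php (assumed): search only the validated archive names
// rather than whatever list the client supplied.
$files_arch = filter_files_arch(isset($_POST['files_arch']) ? $_POST['files_arch'] : array());
```

Because the check is an allowlist on the file name itself, it holds regardless of the 'register_globals' setting, which the description notes does not prevent the issue.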
Related URL (CVE):
Related URL (SecurityFocus): 27010
Related URL (ISS):