| Field | Value |
|---|---|
| VID | 21249 |
| Severity | 20 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | The PostNuke installation on the Web server has a path disclosure vulnerability in modules.php that can be exploited to obtain sensitive information about the server. PostNuke is a weblog/Content Management System (CMS) with a MySQL database. By sending an invalid URL request to the modules.php script as follows: http://[target_server]/modules.php?op=modload&name=Members_List&file=index&letter=All&sortby=foobar a remote attacker can receive an error page containing the physical path and other information, such as the database name, due to insufficient error handling. |
| References | http://archives.neohapsis.com/archives/bugtraq/2003-03/0424.html |
| Platforms Affected | PostNuke Phoenix 0.7.2.3 and earlier; UNIX/Linux, any version; Windows, any version |
| Recommendation | Upgrade to the PostNuke Phoenix v7.2.3 and apply the latest security fix package (0.723 Security Fix 20030407) at http://sourceforge.net/project/showfiles.php?group_id=27927&release_id=159242 |
| Related URL | (CVE) |
| Related URL | 7218 (SecurityFocus) |
| Related URL | 11648 (ISS) |
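
The following is an added example, not part of the original advisory or of PostNuke's code: a Python check a site owner can run over a saved response body from their own server to confirm that error pages no longer expose the physical path on UNIX/Linux or Windows. The function name `find_path_leaks` is hypothetical, and the sample bodies and paths are constructed for illustration.

```python
import html
import re

TAG_RE = re.compile(r"<[^>]+>")
# PHP's standard error line: "<Level>: <message> in <file> on line <N>".
# The file part must be an absolute UNIX path or a Windows drive path.
PHP_ERROR_RE = re.compile(
    r"(Warning|Notice|Fatal error|Parse error):\s+(.*?)\s+in\s+"
    r"((?:/|[A-Za-z]:[\\/]).+?)\s+on line\s+(\d+)"
)

def find_path_leaks(body):
    """Return one dict per PHP error line that exposes a filesystem path."""
    # PHP wraps the level, file and line number in <b> tags when
    # html_errors is on, so strip markup before matching.
    text = html.unescape(TAG_RE.sub("", body))
    return [
        {"level": m.group(1), "message": m.group(2),
         "path": m.group(3), "line": int(m.group(4))}
        for m in PHP_ERROR_RE.finditer(text)
    ]

# Constructed sample bodies (not captured from a real server).
SAMPLE_UNIX = (
    "<br />\n<b>Warning</b>:  mysql_fetch_row(): supplied argument is not a "
    "valid MySQL result resource in "
    "<b>/home/example/public_html/modules/Members_List/index.php</b> "
    "on line <b>210</b><br />"
)
SAMPLE_WINDOWS = (
    r"<b>Warning</b>:  mysql_fetch_row(): supplied argument is not a valid "
    r"MySQL result resource in <b>C:\Program Files\Apache Group\htdocs"
    r"\modules\Members_List\index.php</b> on line <b>210</b><br />"
)
SAMPLE_CLEAN = "<html><body><p>Invalid sort order requested.</p></body></html>"

if __name__ == "__main__":
    for name, body in [("unix", SAMPLE_UNIX), ("windows", SAMPLE_WINDOWS),
                       ("clean", SAMPLE_CLEAN)]:
        leaks = find_path_leaks(body)
        print(name, "LEAK" if leaks else "ok", [l["path"] for l in leaks])
```

A non-empty result for a page served to anonymous users means raw PHP errors are still reaching the client, so the fix package or error display settings should be rechecked.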