| VID | 21281 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description |
Man Page Lookup allows remote attackers to read arbitrary files on the Web server. Man Page Lookup is a program for viewing man pages in a Web browser on Linux and Unix-based operating systems. The file disclosure vulnerability is caused by improper filtering of user-supplied input, the command parameter ($cmd variable), in the function buildManPage() in class.manpagelookup.php for PHP Man Page Lookup. A remote attacker can read any readable file on the target server via the command parameter ($cmd variable) of the index.php script, as in the following request:
http://[target]/manpage/index.php?command=/etc/passwd
* References: http://archives.neohapsis.com/archives/bugtraq/2004-01/0079.html
* Platforms Affected: Andy's PHP Projects Man Page Lookup prior to 1/2/2004; Linux, any version; Unix, any version |
| Recommendation | Upgrade to the latest version of Man Page Lookup (posted Jan 02, 2004 or later) from Andy's PHP Projects Web page at http://php.amnuts.com/index.php?do=view&id=1 |
| Related URL | CVE-2004-0071 (CVE) |
| Related URL | 9395 (SecurityFocus) |
| Related URL | 14203 (ISS) |
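
Added example, not part of the original advisory or of Man Page Lookup's own code: a Python check that flags access-log requests whose command parameter to index.php is not a plain man page name, including percent-encoded values that a literal string search would miss. The log format, the allowed-name pattern and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: a legitimate man page name is a short token such as "ls",
# "git-commit" or "printf.3"; it never contains "/" or a ".." sequence.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9_.+:-]{0,63}")
# Request line of a common/combined-format access log entry (assumed format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')

def suspicious_commands(log_line):
    """Return the decoded 'command' values in one log line that are not plain page names."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if not url.path.endswith("/index.php"):
        return []
    hits = []
    # parse_qs percent-decodes each value, so %2Fetc%2Fpasswd is seen as /etc/passwd.
    for value in parse_qs(url.query, keep_blank_values=True).get("command", []):
        if ".." in value or not SAFE_NAME.fullmatch(value):
            hits.append(value)
    return hits

def scan(lines):
    """Map each flagged line number (1-based) to its decoded command values."""
    return {i: h for i, line in enumerate(lines, 1) if (h := suspicious_commands(line))}

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [05/Jan/2004:10:01:02 +0000] "GET /manpage/index.php?command=ls HTTP/1.0" 200 5120',
    '192.0.2.77 - - [05/Jan/2004:10:03:40 +0000] "GET /manpage/index.php?command=/etc/passwd HTTP/1.0" 200 1843',
    '192.0.2.77 - - [05/Jan/2004:10:03:55 +0000] "GET /manpage/index.php?command=%2Fetc%2Fpasswd HTTP/1.0" 200 1843',
    '192.0.2.10 - - [05/Jan/2004:10:04:11 +0000] "GET /manpage/index.php?command=printf.3 HTTP/1.0" 200 7301',
]

if __name__ == "__main__":
    for lineno, values in scan(SAMPLE_LOG).items():
        print(f"line {lineno}: suspicious command value(s) {values}")
```

The same allow-list pattern is the kind of filter the command parameter needs on the server side before it reaches the page lookup.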