| VID |
21283 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The phpGedView allows remote attackers to read arbitrary files on the server.
The phpGedView is a freely available Web-based program that displays genealogy information. The version 2.65.1 and earlier of phpGedView is vulnerable to a file disclosure vulnerability, caused by improper filtering of user-supplied data via the 'gedcom_config' parameter of the 'editconfig_gedcom.php' script. A remote attacker can read any readable files on the target server via the dot dot(..) sequences in the gedcom_config parameter as the followings:
http://[target]/[phpGedView_Dir]/editconfig_gedcom.php?gedcom_config=../../../../../../../../../../etc/passwd
It is possible for an attacker to gain sensitive information on a system.
* Refernces:
http://www.securityfocus.com/archive/1/352355
* Platforms Affected:
phpGedView version 2.65.1 and prior |
| Recommendation |
Upgrade to the fixed version of phpGedView (2.65.2 and later) from phpGedView Web page:
http://phpgedview.sourceforge.net . Now the latest version (phpGedView 2.65.3) is released on 3, Feb. 2004. |
| Related URL |
CVE-2004-0127 (CVE) |
| Related URL |
9529 (SecurityFocus) |
| Related URL |
(ISS) |
|
