NI3
11-15-2003, 04:35 PM
TITLE:
PHP-CoolFile Logic Error Vulnerability
SECUNIA ADVISORY ID:
SA10210
CRITICAL:
Moderately critical
IMPACT:
Security Bypass
WHERE:
From remote
SOFTWARE:
PHP-CoolFile 1.x
DESCRIPTION:
A vulnerability has been reported in PHP-CoolFile allowing malicious
people to view the contents of files including the configuration file
with the administrative username and password.
The problem is a logic error in the user verification. If a user
chooses the copy or edit functions, the user isn't verified.
Example:
php-coolfile/action.php?action=edit&file=any_file
The vulnerability has been reported in version 1.4.
SOLUTION:
Edit the source code to ensure that users are properly verified.
REPORTED BY / CREDITS:
1dt.w0lf // RsT
----------------------------------------------------------------------
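The logic error described in the advisory, shown as an added example that is not part of the original post and is not PHP-CoolFile's source: a dispatcher where each action branch does its own verification (so a forgotten branch is open), next to one check placed before dispatch, plus a regression check that every action refuses an unverified session. All function names, the session key and the action list other than copy and edit are assumptions.

```php
<?php
// Hypothetical illustration of the flaw class; names are assumptions.
const ACTIONS = ['view', 'copy', 'edit', 'delete'];

// A session counts as verified only if it carries a non-empty user name.
function is_verified(array $session): bool
{
    return isset($session['user'])
        && is_string($session['user'])
        && $session['user'] !== '';
}

// Flawed shape: verification is wired into individual branches, so the
// copy and edit branches, which lack the call, run for anyone.
function handle_flawed(string $action, array $session): int
{
    switch ($action) {
        case 'view':
        case 'delete':
            return is_verified($session) ? 200 : 403;
        case 'copy':
        case 'edit':
            return 200;          // verification missing on this path
        default:
            return 400;
    }
}

// Corrected shape: verify once, before any action is selected, and
// reject unknown actions instead of falling through.
function handle_fixed(string $action, array $session): int
{
    if (!is_verified($session)) {
        return 403;
    }
    return in_array($action, ACTIONS, true) ? 200 : 400;
}

// Regression check: list every action that answers an empty session
// with anything other than 403.
function unverified_reachable(callable $handler): array
{
    return array_values(array_filter(
        ACTIONS,
        fn (string $a): bool => $handler($a, []) !== 403
    ));
}

echo 'flawed: ', implode(',', unverified_reachable('handle_flawed')) ?: 'none', PHP_EOL;
echo 'fixed:  ', implode(',', unverified_reachable('handle_fixed')) ?: 'none', PHP_EOL;
```

Running the regression check against every entry in the action list, rather than only the actions known to be affected, is what catches a branch added later without the verification call.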
