Recent Information Disclosure vulnerabilities
Latest information about Information Disclosure Incidents
22.02.2012 14:48 osvdb : RESTEasy fastinfoset XML Entity Reference Parsing Remote Information Disclosure: RESTEasy fastinfoset XM...
22.02.2012 02:59 [DSECRG-12-016] SAP MessagingSystem – information disclosure
22.02.2012 02:59 [DSECRG-12-015] SAP Adapter Monitor – information disclosure
21.02.2012 06:59 Vuln: Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability details >>
21.02.2012 03:20 Microsoft Windows Messenger ActiveX Control Information Disclosure Vulnerability details >>
21.02.2012 00:20 Microsoft Outlook Express And Windows Mail MHTML Handler Information Disclosure Vulnerabi details >>
20.02.2012 19:26 Microsoft Windows IPsec Information Disclosure Vulnerability details >>
20.02.2012 10:26 NetSurf "netsurf/Cookies" Local Information Disclosure details >>
20.02.2012 02:32 osvdb : Netscape File Upload Information Disclosure: Netscape File Upload Information Disclosure details >>
20.02.2012 00:32 Vigilnce - Joomla: information disclosure details >>
19.02.2012 22:32 osvdb : Tcat Server JMX Browser Information Disclosure: Tcat Server JMX Browser Information Disclosure details >>
19.02.2012 17:50 Corporate strategy and information disclosure.: An article from: RAND Journal of Economics: This digital documen... details >>
19.02.2012 14:50 Microsoft Internet Explorer Cross Domain Information Disclosure Vulnerability details >>
18.02.2012 16:16 PHP 5.2.17 Information Disclosure / Code Execution ≈ Packet Storm: PHP versions 5.2.0 through 5.2.17 suffers fro... details >>
17.02.2012 19:36 Advisory Files - PHP 5.2.17 Information Disclosure / Code Execution details >>
17.02.2012 05:57 MOMO's: Common Cents: $DNYS Releases 2011 Annual Report and Information Disclosure details >>
16.02.2012 09:00 Recon Reports Second Quarter 2012 Financial Results: We will also strengthen our information disclosure and impr... details >>
16.02.2012 05:41 jacksonville Dynasty Limousine Inc. Releases 2011 Annual Report and Information Disclosure details >>
16.02.2012 05:41 Dynasty Limousine Inc. Releases 2011 Annual Report and Information Disclosure details >>
16.02.2012 05:41 Dynasty Limousine Inc. Releases 2011 Annual Report and Information Disclosure: JACKSONVILLE, Fla., Feb. 16, 2012... details >>
Information Disclosure Incidents Archive 2011
Here is short summary of recent Information Disclosure vulnerabilities discovered by eVuln team. Full list with details is available on the eVuln Security Advisories page.
Arbitrary File Disclosure Vulnerability in Quirex.
Description.
Vulnerable Script: convert.cgi
Variable $quiz_head $quiz_foot $template are not properly sanitized. This can be used to read arbitrary files.
System access is possible.
Exploit.
File Disclosure Example
Url: http://host/cgi-bin/quirex/convert.cgi
Path to quiz_head.txt: [arbitrary file]
Path to quiz_foot.txt: [arbitrary file]
Output file: [output file]
Solution
Solution is not available.
Other details >>Sensitive Information Disclosure in Text Rider.
Description.
Directory data isn't protected by htaccess in default installiation. This can be used to retrieve registered user's information including logins and password's md5 hashes.
Cookie-based authentication is threatened.
To authenticate as administrator cookies need to contain the folowing:
username=[admin user]password=[md5 hash]
Administrator has an ability to edit "config.php" file and upload arbitrary files.
System access is possible.
Exploit.
URL Example:
http://host/textrider/data/userlist.txt
Solution
Solution is not available.
Other details >>Weblog Sensitive Information Disclosure in Note-A-Day.
Description.
Directory archive is not protected by htaccess in default installiation. This can be used to retrieve registered user's information including encrypted passwords.
Exploit.
Admin's encrypted password:
http://host/noteday/archive/.phpass-admin
Solution
Solution is not available.
Other details >>Directory Traversal and Data Disclosure in RCBlog.
Description.
1. Directories data config are not protected by htaccess in default installiation. This can be used to retrieve registered user's information including logins and password's md5 hashes.
2. Directory traversal is possible.
Vulnerable script: index.php
Variable $_GET[post] isn't properly sanitized. This can be used to open arbitrary files with txt extention. Administrator's login and password is threatened.
Administrator has an ability to upload arbitrary files.
System access is possible.
Exploit.
Directory traversal example:
http://host/rcblog/index.php?post=../config/password
Solution
Solution is not available.
Other details >>Sensitive Information Disclosure in Flog.
Description.
Directory data isn't protected by htaccess in default installiation. This can be used to retrieve registered user's information including logins and password's md5 hashes.
Exploit.
Example:
http://host/flog/data/users.0.dat
Solution
Solution is not available.
Other details >>