Ciamos viewcat.php script path disclosure

ciamos-viewcat-path-disclosure (19755). Risk level: Low

Description:

Ciamos could allow a remote attacker to obtain sensitive information. A remote attacker could send a specially-crafted URL to the viewcat.php script to cause Ciamos to return a PHP error message that discloses the full installation path.
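The underlying weakness is a PHP error message reaching the client, which by default includes the absolute path of the failing script. The following is an added defensive configuration example, not Ciamos code and not the vendor's fix: it turns off on-screen error display in favour of logging, and rejects a malformed request parameter before it can trigger an internal error. The log path, the parameter name `orderby` and its allowed values are placeholders chosen for illustration.

```php
<?php
// Added hardening example (not Ciamos code): production error-reporting settings
// so that a PHP warning or fatal error is logged server-side instead of being
// printed to the client with the script's filesystem path.
// Equivalent php.ini directives: display_errors = Off, log_errors = On, error_log = ...
ini_set('display_errors', '0');
ini_set('log_errors', '1');
ini_set('error_log', '/var/log/php/app.log');   // assumed path; adjust for the host
error_reporting(E_ALL);

// Validate the request parameter before it reaches application code, so a
// malformed value yields a generic 400 response rather than an internal error.
// 'orderby' and its allowed values are hypothetical, not Ciamos's real names.
$allowed = ['title', 'date', 'hits'];
$orderby = $_GET['orderby'] ?? 'title';
if (!in_array($orderby, $allowed, true)) {
    http_response_code(400);
    exit('Invalid request.');
}
```

With `display_errors` off, the same invalid input still fails, but the failure is recorded in the error log for the administrator rather than echoed back with the installation path; the allow-list check stops the error from occurring at all for this parameter.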

Platforms Affected:

  • Ciamos CMS, Ciamos CMS 0.9.2 RC1

Remedy:

Upgrade to the latest version of Ciamos (0.9.3a or later), available from the Ciamos Web site. See References.

Consequences:

Obtain Information

References:

  • Ciamos Web page, Ciamos Wakka Wiki Homepage at http://wiki.ciamos.com/.
  • IHS Iran Hackers Sabotage public advisory, E-Xoops: Content Management for the Masses at http://www.ihsteam.com/download/advisory/Exoops%20highlight%20hole.txt.
  • CVE-2005-0827: Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message.
  • SA14641: ciamos "file" Exposure of Sensitive Information

Reported:

Mar 21, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
