Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: e-commerce, shopping carts :: bt1331.txt

Dansie Shopping Cart Discloses Installation Path to Remote Users





Indonesia Security Development Team Advisory


Dansie Shopping Cart Discloses Installation Path to Remote Users
================================================================

     Advisory Name: Dansie Shopping Cart Discloses Installation Path to Remote Users
      Release Date: 5:21 AM 10/20/03
       Application: Dansie Shopping cart
            Author: Dr`Ponidi <drponidi@kecoak.org>	
       Discover by: Dr`Ponidi <drponidi@kecoak.org>
  Acknowledgments : Vulnerability discovery, exploit code, and advisory by Dr`Ponidi
     Vendor Status: The vendor has been contacted and a patch is not yet produced
        Vendor URL: http://www.dansie.net/cart.html
         Reference: http://drponidi.5u.com/advisory.htm
         Greetz to: #indohack #k-elektronik #c|c #dhegleng @ dal.net


[Details]
A remote user can reportedly send request to cause the system
to display an error message that indicates the installation path.
It's possible to make a malformed http request for many files in
Dansie Shopping Cart and in doing so trigger an error.
The resulting error message will disclose potentially sensitive installation
path information to the remote attacker.


[Proof of Concept]
http://www.site.com/cgi-bin/cart.pl?db='


[Suggestions]
Filter all files.


[About Indonesia Security Development Team]
Indonesia Security Development Team, research and develop intelligent, advanced application
security assessment.Based in Indonesia, Indonesia Security Development Team offers best of
breed security consulting services, specialising in shopping carts software and network
security assessments.We provides security information and patches for use by the entire
security network community.

This information is provided freely to all interested parties and may be redistributed
provided
that it is not altered in any way, Author is appropriately credited and the document retains.

Indonesia Security Development Team Advisory:
http://drponidi.5u.com/advisory.htm

________________________________________________________________
Dr`Ponidi <drponidi@kecoak.org>
Original document can be fount at http://drponidi.5u.com/advisory.htm


-- 
_______________________________________________
Get your free email from http://www.hackermail.com

Powered by Outblaze


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH