Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web BBS :: Frequently Exploited :: hack4153.htm

YABBSE Full Path Disclosure



FUll Path Disclosure in YABBSE



ECHO_ADV_05$2004



---------------------------------------------------------------------------

                  FUll Path Disclosure in YABBSE

---------------------------------------------------------------------------



Author: y3dips

Date: August, 25th 2004

Location: Indonesia, Jakarta

Web: http://echo.or.id/adv/adv05-y3dips-2004.txt 



---------------------------------------------------------------------------



Affected software description:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



YaBB SE: Yet another Bulletin Board Splinter Edition inspired by Zef Hemel

Software Version: YaBB SE 1.5.1  The YaBB SE Development Team



web : http://www.yabbse.org/ 



---------------------------------------------------------------------------



Vulnerabilities:

~~~~~~~~~~~~~~~~



Full path disclosure:



Script in Sources/Admin.php files are not protected against direct access



A remote user can access the file to cause the system to display an error 

message that indicates the installation path. The resulting error message 

will disclose potentially sensitive installation path information to the 

remote attacker.



POC :



http://localhost/yabbse/Sources/Admin.php 



Fatal error: Call to undefined function:

is_admin() in /var/www/html/yabbse/Sources/Admin.php on line 32







---------------------------------------------------------------------------



The fix:

~~~~~~~~

Vendor not contacted yet

but i ll post it to them later



---------------------------------------------------------------------------

Shoutz:

~~~~~~~



~ m0by, the_day, comex, z3r0byt3, K-159, c-a-s-e, S`to @T echo/staff

~ newbie_hacker@yahoogroups.com , #e-c-h-o & #aikmel @DALNET 



---------------------------------------------------------------------------

Contact:

~~~~~~~~



     y3dips || echo|staff || y3dips(at)echo(dot)or(dot)id

     Homepage: http://y3dips.echo.or.id/ 



-------------------------------- [ EOF ] ----------------------------------


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH