Plugin ID | 184 |
Plugin name | YABBSE path disclosure |
Plugin filename | YABBSE path disclosure.plugin |
Plugin filesize | 3115 bytes |
Plugin family | HTTP |
Plugin created name | Nico 'Triplex' Spicher |
Plugin created email | Triplex at IT-Helpnet dot de |
Plugin created web | http://triplex.it-helpnet.de/ |
Plugin created company | http://www.it-helpnet.de/ |
Plugin created date | 2004/09/07 |
Plugin updated name | Marc Ruef |
Plugin updated email | marc dot ruef at computec dot ch |
Plugin updated web | http://www.computec.ch |
Plugin updated company | computec.ch |
Plugin updated date | 2004/11/14 |
Plugin version | 2.0 |
Plugin changelog | Made some slight modifications in version 1.1. Corrected the plugin structure and added the accuracy values in 1.2. Improved the pattern matching and introduced the plugin changelog in 2.0 |
Plugin protocol | tcp |
Plugin port | 80 |
Plugin procedure exploit | open|send GET /Sources/Admin.php HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ### *Fatal error: Call to undefined function:* |
Plugin exploit accuracy | 98 |
Plugin comment | This plugin was written with the ATK-Plugin-Creator [http://triplex.it-helpnet.de]. |
Bug published name | y3dips |
Bug published email | y3dips at echo dot or dot id |
Bug published web | http://y3dips.echo.or.id |
Bug published date | 2004/08/25 |
Bug advisory | http://echo.or.id/adv/adv05-y3dips-2004.txt |
Bug affected | YABBSE all versions |
Bug not affected | Other solutions |
Bug vulnerability class | Configuration |
Bug description | Script in Sources/Admin.php files are not protected against direct access. A remote user can access the file to cause the system to display an error message that indicates the installation path. The resulting error message will disclose potentially sensitive installation path information to the remote attacker. |
Bug solution | Disable this suite or upgrade to the latest version and limit unwanted connections and communications with firewalling. Change the default directory of the application to make automated scans harder. |
Bug fixing time | Approx. 30 minutes |
Bug exploit availability | Yes |
Bug remote | Yes |
Bug local | Yes |
Bug severity | Low |
Bug popularity | 3 |
Bug simplicity | 8 |
Bug impact | 4 |
Bug risk | 4 |
Source Literature | Hacking Intern - Angriffe, Strategien, Abwehr, Marc Ruef, Marko Rogge, Uwe Velten and Wolfram Gieseke, November 1, 2002, Data Becker, Düsseldorf, ISBN 381582284X |
Source Misc. | http://www.computec.ch |