by r0t,der4444,cembo,VietMafia

Sunday, April 30, 2006

RT: Request Tracker vuln.

###############################################
Vuln. discovered by : r0t
Date: 30 april 2006
vendor:www.bestpractical.com/?rt=3.5.HEAD
affected versions:RT 3.5.HEAD
###############################################

Vuln. Description:

RT contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker submits requests in "Rows" parameter in "/Dist/Display.html".
Which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.


example:

/Dist/Display.html?Status=Active&Name=google&Rows=[CODE]

###############################################
Solution:
Edit the source code to ensure that input is properly sanitised.
###############################################
More information @ unsecured-systems.com/forum/

0 Comments:

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew