Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Land Down Under 802 and below version Path Disclosure Vulnerability

from [Advisory] Network Security [Permanent Link]
Subject: Land Down Under 802 and below version Path Disclosure Vulnerability
Date: 27 Apr 2006 05:01:27 -0000 
Land Down Under 802 and below version  Path Disclosure Vulnerability

#-------------------------------------------------------------------------------------------------------------------------------
#Aria-Security.net Advisory
#Discovered  by:R@1D3N (amin emami)
#date:21/04/2006
#original advisory:http://www.aria-security.net/advisory/ldu/ldu.txt
#<AminRayden@yahoo.com>
#special thanks  to:A.u.r.a  & O.u.t.l.a.w & Smok3r & behzad & majid and all 
Persian Security team
#--------------------------------------------------------------------------------------------------------------------------------'

? Affected software description:
LDU <= 802 and below version (Land Down Under)
Vendor: http://www.neocrome.net



? information:
A vulnerability in LDU allow attackers to determine the physical path of the 
application.
This vulnerability would allow a remote user to determine the full path to the 
web root directory and other potentially sensitive information.

The attack is performed by submitting a specially crafted HTTP request, such as 
a request for an invalid month and year


? Proof of Concept:

Path disclosure vulnerability:
http://localhost/plug.php?p=calendar&m=aria-security.net&y=R@1D3N

error:
warning:checkdate() expects parameter 1 to be long
,string given in 
/home/lothi8196/public_html/plugins/standard/calendar/calendar.php 
on line 100



Solution:
There is no solution to the full path disclosure yet.
Advisory@Aria-Security.net
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Land Down Under 802 and below version Path Disclosure Vulnerability, Advisory <=
Previous by Date:  , Yannick von Arx
Next by Date:  [security bulletin] HPSBUX02108 SSRT061133 rev.9 - HP-UX running Sendmail, Remote Execution of Arbitrary Code, security-alert
Previous by Thread:  , Yannick von Arx
Next by Thread:  [security bulletin] HPSBUX02108 SSRT061133 rev.9 - HP-UX running Sendmail, Remote Execution of Arbitrary Code, security-alert
Indexes:  [Date] [Thread] [Top] [All Lists]