Dansie Shopping Cart Discloses Installation Path to Remote Users
================================================================
Indonesia Security Development Team Advisory
Advisory Name: Dansie Shopping Cart Discloses Installation Path to Remote Users
Release Date: 5:21 AM 10/20/03
Application: Dansie Shopping Cart
Author: Dr`Ponidi <drponidi@xxxxxxxxxx>
Discovered by: Dr`Ponidi <drponidi@xxxxxxxxxx>
Acknowledgments: Vulnerability discovery, exploit code, and advisory by Dr`Ponidi
Vendor Status: The vendor has been contacted; no patch has been produced yet
Vendor URL: http://www.dansie.net/cart.html
Reference: http://drponidi.5u.com/advisory.htm
Greetz to: #indohack #k-elektronik #c|c #dhegleng @ dal.net
[Details]
A remote user can send a malformed HTTP request to cart.pl (and, per the
author, to many other files shipped with Dansie Shopping Cart) that causes
the script to die with an error. The error message is returned to the
client instead of being kept in the server log, and it contains the absolute
filesystem path of the cart installation. That path tells an attacker where
the scripts and data files live on the server and helps in planning further
attacks against the installation.
[Proof of Concept]
http://www.site.com/cgi-bin/cart.pl?db='
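A small check for the behaviour described above, added here as an example
and not part of the original advisory or of Dansie's code. It builds the
probe URL from a target, then scans the HTTP response body for Unix or
Windows filesystem paths the way a tester would when confirming the
disclosure. The error text used as input is constructed for the example
(the host, directory names and line number are assumptions); a real test
would feed it the body fetched from the probe URL.

```python
import re
from urllib.parse import urlencode, urlsplit, urlunsplit

# Constructed sample response standing in for what a server might return
# when cart.pl dies on the malformed db parameter. Hostname, directories and
# line number are assumptions for this example, not captured output.
SAMPLE_ERROR_BODY = """<html><body>
Software error:
Can't open '/home/sites/example/cgi-bin/data/'': No such file or directory at
/home/sites/example/cgi-bin/cart.pl line 42.
</body></html>"""

# Absolute Unix paths (at least two components, so "</body>" is not matched)
# and Windows drive paths, as they appear in Perl "die" messages.
PATH_RE = re.compile(
    r"(?:/[\w.\-]+){2,}/?"            # /home/sites/.../cart.pl
    r"|[A-Za-z]:\\(?:[\w.\-]+\\?)+"   # C:\Inetpub\wwwroot\cgi-bin\cart.pl
)


def build_probe_url(base_url, param="db", payload="'"):
    """Attach the advisory's malformed parameter to the target script URL.

    safe="'" keeps the quote literal, matching the advisory's proof of concept.
    """
    parts = urlsplit(base_url)
    query = urlencode({param: payload}, safe="'")
    return urlunsplit((parts.scheme, parts.netloc, parts.path, query, ""))


def find_disclosed_paths(body):
    """Return the distinct filesystem paths leaked in a response body, in order."""
    seen = []
    for match in PATH_RE.finditer(body):
        path = match.group(0)
        if path not in seen:
            seen.append(path)
    return seen


def install_dir(paths):
    """Derive the cart's installation directory from the path of cart.pl, if present."""
    for path in paths:
        if path.endswith("cart.pl"):
            sep = "/" if "/" in path else "\\"
            return path.rsplit(sep, 1)[0]
    return None


if __name__ == "__main__":
    print(build_probe_url("http://www.site.com/cgi-bin/cart.pl"))
    leaked = find_disclosed_paths(SAMPLE_ERROR_BODY)
    print("leaked paths:", leaked)
    print("installation directory:", install_dir(leaked))
```

The regex is deliberately loose: a tester wants every candidate path, and
can discard false positives by hand; the script's own path is the one that
gives away the installation directory.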
[Suggestions]
Until the vendor ships a patch: validate every user-supplied parameter
(including db) before it is used to build a file name, rejecting anything
outside the expected character set, and configure the scripts and the web
server so that Perl errors are written to the server error log rather than
returned to the client in the HTTP response.
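The two halves of that advice, shown side by side as an added example
(Python rather than the cart's Perl, and not Dansie's code). The catalogue
lookup, its data directory and the parameter pattern are assumptions for the
example. The weak handler returns the raw exception to the client, which
carries both the data path and the script's own path; the hardened handler
validates the parameter first and keeps the detail in the server log.

```python
import logging
import re
import traceback

log = logging.getLogger("cart")

# Constructed stand-in for the cart's database lookup: it raises, as opening
# a file under a bad name would, when the db parameter is not a known
# catalogue. The /srv/cart/data directory is an assumption for the example.
CATALOGUES = {"products", "specials"}


def open_catalogue(name):
    if name not in CATALOGUES:
        raise FileNotFoundError(f"/srv/cart/data/{name}: No such file or directory")
    return f"catalogue {name}"


def weak_handler(params):
    """Return (status, body); on failure the body is the raw traceback.

    This is the pattern behind the advisory: the exception text carries the
    data directory, and the traceback carries the path of this script.
    """
    try:
        return 200, open_catalogue(params.get("db", ""))
    except Exception:
        return 500, "Software error:\n" + traceback.format_exc()


# Only names a catalogue could legitimately have; a quote character fails here.
DB_NAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")


def hardened_handler(params):
    """Return (status, body); validate first, log detail, answer generically."""
    name = params.get("db", "")
    if not DB_NAME_RE.fullmatch(name):
        log.warning("rejected db parameter %r", name)
        return 400, "Invalid request."
    try:
        return 200, open_catalogue(name)
    except Exception:
        # Full detail, including paths, goes to the error log only.
        log.exception("catalogue lookup failed for %r", name)
        return 500, "An internal error occurred."


if __name__ == "__main__":
    probe = {"db": "'"}
    print("weak:", weak_handler(probe))
    print("hardened:", hardened_handler(probe))
    print("hardened, valid:", hardened_handler({"db": "products"}))
```

Note that the validation step alone is not enough: a catalogue that exists
in the whitelist but is missing on disk would still reach the except branch,
so the generic error message is what actually stops the path from leaking.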
[About Indonesia Security Development Team]
Indonesia Security Development Team researches and develops intelligent,
advanced application security assessments. Based in Indonesia, Indonesia
Security Development Team offers best-of-breed security consulting services,
specialising in shopping cart software and network security assessments.
We provide security information and patches for use by the entire security
community.
This information is provided freely to all interested parties and may be
redistributed provided that it is not altered in any way, the author is
appropriately credited and the document retains.
Indonesia Security Development Team Advisory:
http://drponidi.5u.com/advisory.htm
________________________________________________________________
Dr`Ponidi <drponidi@xxxxxxxxxx>
Original document can be found at http://drponidi.5u.com/advisory.htm