Kshout Data Disclosure
===========================================================
============================================================
Title: Kshout Data Disclosure
Vulnerability Discovery: SoulBlack - Security Research -
http://soulblack.com.ar
Date: 26/07/2005
Severity: Medium. Remote users can view configuration file.
Affected version: 2.* & 3.*
Vendor: http://www.knusperleicht.at/
============================================================
============================================================
* Summary *
This is a simple ShoutBox.
-------------------------------------------------------------
* Problem Description *
Default Installation save configuration in insecure file.
Remote users can view settings.dat
Example:
http://server/shoutbox/db/settings.dat
/*
....
username='5588cb8830fdb8ac7159b7cf5d1e611e';
$passwort='d1ff1ec86b62cd5f3903ff19c3a326b2';
....
*/
--------------------------------------------------------
-------------------------------------------------------------
* Fix *
Unofficial Patch:
/*
Change:
require("$sb_path"."db/settings.dat");
for
require("$sb_path"."db/settings.php");
*/
and rename settings.dat to settings.php in dir /shoutbox/db/
-------------------------------------------------------------
* References *
http://www.soulblack.com.ar/repo/papers/advisory/kshout_advisory.txt
-------------------------------------------------------------
* Credits *
Vulnerability reported by SoulBlack Security Research
============================================================
--
SoulBlack - Security Research
http://www.soulblack.com.ar