Mambo Open Source, Path disclosure
[KAPDA::#11] - Mambo Open Source, Path disclosure
KAPDA New advisory
Vendor: http://www.mamboserver.com
Vulnerable Versions: 4.5.2.3 , 4.5.2.2 , 4.5.2.1
,4.5.2
Bug: path disclosure
Exploitation: Remote with browser
Discussion:
--------------------
Mambo is a feature-rich dynamic portal engine/content
management tool capable of building sites from several
pages to several thousand. Mambo uses PHP/MySQL and
features a very comprehensive admin manager.
Vulnerability:
--------------------
A remote user can supply a specially crafted URL to
cause the system to display an error message that
discloses the installation path and other data.
Bug exists in "content.php" (Content Component of
mambo)
Demonstration URL :
--------------------
http://www.example.com/mambo/index.php?option=com_content&task=section&id=1&Itemid=PATH
Solution:
--------------------
There is no vendor-supplied patch for this issue at
this time but we are not advising you to upgrade to
Joomla because Mambo, version 4.5.3, will be released
soon ( by the end of November this year).
4.5.3 represents the new Teamâ??s first consolidation
of bug fixes and includes a number of security
enhancements.
More Detail:
--------------------
Original advisory:
http://irannetjob.com/content/view/153/28/
Farsi distribution of mambo: http://www.mambo.ir
Credit :
--------------------
Discovered & released by trueend5 (trueend5 kapda ir)
Security Science Researchers Institute Of Iran
[http://www.KAPDA.ir]
__________________________________
Yahoo! FareChase: Search multiple travel sites in one click.
http://farechase.yahoo.com