security hole in os groupware suite PHProjekt

From: Albrecht Guenther (agat_private)
Date: Thu May 10 2001 - 03:26:22 PDT

Next message: Nsfocus Security Team: "NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error Vulnerability"

Previous message: Jass Seljamaa: "Personal Web Sharing remote stop"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Bugtraq team,

this is my first posting to the bugtraq ML.
If my posting is incomplete or you have further
questions, please don't hesitate to mail me.
Daniel Wittenberg kindly notified me about
the following bug.

best regards
Albrecht Guenther


    Overview
PHProjekt is an open source groupware suite written in PHP4 
with mysql/postgres/oracle support: 
www.PHProjekt.com
The security hole concernes the file module.



    Details
By adding the famous ".." string to the url one can have access to other
directories than the one which is specified in the config.

The concerned releases are version 2.0, 2.0.1 and 2.1 of PHProjekt


    Solution
A patched version of the file is available under:
http://www.phprojekt.com/download/patch-2.1.tar.gz
or download the newest release from the homepage


   Credit

Daniel Wittenberg from starken.com found this security hole
and kindly provided me with this informtaion.


Albrecht Guenther

Next message: Nsfocus Security Team: "NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error Vulnerability"
Previous message: Jass Seljamaa: "Personal Web Sharing remote stop"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue May 15 2001 - 03:22:28 PDT