[ADVISORY]: Arbitrary file disclosure vulnerability in Sympoll 1.2

From: David Raeman (raluspat_private)
Date: Tue Jul 30 2002 - 13:27:48 PDT

Next message: Thor Larholm: "RE: warning"

Previous message: infoat_private: "Vulnerability: protected Adobe eBooks can be copied between computers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) Sympoll is a customizable voting booth system written in PHP. A missing variable integrity check allows arbitrary files to be viewed on a web server that hosts Sympoll version 1.2. Hosts that have disabled the register_globals directive in their php.ini file are not at risk. This vulnerability was reported to the Sympoll author on Tuesday, July 30 2002 at at approximately 13:45 EST. A new version with a verified fix was released by 16:15 EST the same day. It can be downloaded from http://www.ralusp.net/sympoll/ Although this vulnerability only appears possible in version 1.2, users of older versions are also urged to upgraded immediately to gain the extra integrity checks that were added to Sympoll 1.3. All credit for this vulnerability report belongs to Mats Linander. Fixed (Not Vulnerable): Sympoll 1.3 Vulnerable: Sympoll 1.2

Next message: Thor Larholm: "RE: warning"
Previous message: infoat_private: "Vulnerability: protected Adobe eBooks can be copied between computers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 30 2002 - 14:02:34 PDT