[39180] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Vulnerability: Bitrix Web Server Paths

daemon@ATHENA.MIT.EDU (D_BuG)
Wed Jun 15 13:30:08 2005

Date: Wed, 15 Jun 2005 17:58:05 +0400
From: D_BuG <d_bug@bk.ru>
Reply-To: D_BuG <d_bug@bk.ru>
Message-ID: <755613485.20050615175805@bk.ru>
To: bugtraq <bugtraq@securityfocus.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Vendor: Bitrix
Product:Bitrix Site Manager 4.0.x

Consequences: Web server paths
Risk: Minimal

Description: during executions of
http://host/bitrix/templates/.default/subscribe/subscr_form.php
http://host /bitrix/php_interface/dbquery_error.php
there got an erros which is causing web server internal path information availability

Google search: inurl: /bitrix/ 

Discoveried By D_BuG d_bug@bk.ru
NemesisSecurityTeam
http://nemesisoftware.com/

CheckZond free v. 1.0 http://nemesisoftware.com/products.htm
uses the vulnerabilities above for automatic vulnerabilities search (Google Hacking technique) and usage.

-- 
Best regards,
 D_BuG                          mailto:d_bug@bk.ru


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[39180] in bugtraq

Vulnerability: Bitrix Web Server Paths

daemon@ATHENA.MIT.EDU (D_BuG)Wed Jun 15 13:30:08 2005

daemon@ATHENA.MIT.EDU (D_BuG)
Wed Jun 15 13:30:08 2005