[42329] in bugtraq
Re: IRM 015: File system path disclosure on TYPO3 Web Content Manager
daemon@ATHENA.MIT.EDU (Michael Shigorin)
Fri Jan 20 00:01:27 2006
Date: Thu, 19 Jan 2006 21:13:27 +0200
From: Michael Shigorin <mike@osdn.org.ua>
To: bugtraq@securityfocus.com
Cc: security@typo3.org
Message-ID: <20060119191327.GC11208@osdn.org.ua>
Reply-To: shigorin@gmail.com
Mail-Followup-To: bugtraq@securityfocus.com, security@typo3.org
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="BFVE2HhgxTpCzM8t"
Content-Disposition: inline
In-Reply-To: <005801c61ce3$628b2d40$660019ac@test.irmplc.com>
--BFVE2HhgxTpCzM8t
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Jan 19, 2006 at 10:30:36AM -0000, Advisories wrote:
> File system path disclosure on TYPO3 Web Content Manager
> Vulnerablity Type / Importance: Information Leakage / Medium
Hm, since when path disclosure is "medium importance"?
> The following files were found to disclose the application path:
> http://hostname/typo3/t3lib/thumbs.php
> http://hostname/tslib/showpic.php
> http://hostname/t3lib/stddb/tables.php
> Tested Versions:
> Version 3.7.1=20
The first one verified as applicable to 3.8.1 too (easily
avoidable by adding IP- or user-based access restriction
to /typo3 since that's administrative backend anyways),
and the rest doesn't disclose anything on properly configured
at least display_errors-wise webserver, which is a documented
recommended (and often reiterated everywhere) PHP setup.
> Workarounds:
> IRM are not aware of any workarounds for this issue.
Ouch. :)
--=20
---- WBR, Michael Shigorin <mike@altlinux.ru>
------ Linux.Kiev http://www.linux.kiev.ua/
--BFVE2HhgxTpCzM8t
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFDz+TWbsPDprYMm3IRAsTzAJ95EE3jI3vFMZfSxaeMngvXvONOjQCdEj11
M8aMdL19h8fLI3+7F4NNNXM=
=WJmd
-----END PGP SIGNATURE-----
--BFVE2HhgxTpCzM8t--
