---------------------------------------------------
tamersahin.net Security Solutions
Announcement
---------------------------------------------------
Basilix Webmail System *.class *.inc
Permission Vulnerability
Release Date: January 12, 2001
Version Affected: Basilix Webmail System 0.9.7beta
Description: There is a simple mistake in the Basilix Webmail System. Basilix
keeps part of its PHP code in files with the extensions .class and .inc. If
those extensions are not defined as PHP scripts in httpd.conf, Apache serves the
files as plain text, and any attacker can read their source simply by entering
the URL of the file. The MySQL username and password are stored in one of these
files (the mysql class file shown in the example below).
Example Exploit:
http://<running-basilix>/class/mysql.class
http://<running-basilix>/inc/sendmail.inc
(settings.inc, etc.)
Solutions: The .class and .inc extensions should be defined as PHP files in
httpd.conf, and these files should additionally not be readable from outside,
i.e. direct HTTP requests for them should be denied. (PHP's include() reads
them from the filesystem, so denying HTTP access does not break the webmail.)
Obviously, the MySQL port should also be filtered from remote connections, so
that a leaked password cannot be used from outside the host.
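The following shell script is an added example; it is not part of the advisory
or of the Basilix distribution. It writes the Apache directives that implement
the fix above (assuming Apache 1.3/2.0 with mod_php, where the PHP MIME type is
application/x-httpd-php; on Apache 2.4 the Order/Deny pair becomes "Require all
denied") and provides a check that fetches the example URLs and reports whether
PHP source comes back as plain text. The inc/settings.inc path, the function
names and the configuration file name are assumptions.

```shell
#!/bin/sh
# Added example (not from the tamersahin.net advisory or from Basilix).
# 1. write_basilix_conf - emits Apache directives that close the hole by
#    mapping .inc/.class to PHP and denying direct requests for them.
# 2. php_source_leaked  - tests a fetched body for unexecuted PHP source.
# 3. check_basilix_host - fetches the advisory's example URLs with curl.
# Assumption: Apache 1.3/2.0 with mod_php (MIME type application/x-httpd-php).
# On Apache 2.4, replace "Order allow,deny" / "Deny from all" with
# "Require all denied".

# Write the hardening snippet to $1 (default ./basilix-includes.conf),
# then Include it from httpd.conf and reload Apache.
write_basilix_conf() {
    out="${1:-./basilix-includes.conf}"
    cat > "$out" <<'EOF'
# Execute Basilix include files as PHP instead of serving them as text.
# (Assumed handler type for mod_php; adjust to your build.)
AddType application/x-httpd-php .php .inc .class

# Defence in depth: refuse direct HTTP requests for include files.
# PHP's include()/require() read them from disk, so the webmail keeps working.
<FilesMatch "\.(inc|class)$">
    Order allow,deny
    Deny from all
</FilesMatch>
EOF
}

# Exit 0 if the body on stdin contains a PHP open tag, i.e. the server handed
# out source instead of executing it. "<?xml" prologs deliberately do not match.
php_source_leaked() {
    grep -q -E '<\?(php|=|[[:space:]])'
}

# Fetch each include file named in the advisory from the given base URL and
# report which ones leak source. Returns 1 if any leaked.
# (inc/settings.inc is an assumed path, by analogy with inc/sendmail.inc.)
check_basilix_host() {
    base="${1%/}"
    rc=0
    for path in class/mysql.class inc/sendmail.inc inc/settings.inc; do
        if curl -s -f --max-time 10 "$base/$path" | php_source_leaked; then
            echo "LEAK: $base/$path is served as plain text"
            rc=1
        else
            echo "ok:   $base/$path"
        fi
    done
    return $rc
}

# Usage: check_basilix_host http://<running-basilix>
```

Run the check once before and once after reloading Apache with the new
configuration; after the fix every URL should report "ok", because the server
either executes the file (no PHP tags in the output) or refuses the request.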
Regards;
