Thanks in advance,
Tal Argoni, CEH
www.zion-security.com
·= Security Advisory =·

Issue: Remote Information Disclosure Vulnerability in "phpMyAdmin".
Discovered Date: 02/01/2007
Author: Tal Argoni. [talargoni at gmail.com]
Product Vendor: http://www.phpmyadmin.net/

Details:
phpMyAdmin is prone to an information disclosure. The vulnerability exists in the "darkblue_orange" visual theme and is caused by poor configuration: requesting the file
http://www.example.com/phpMyAdmin/themes/darkblue_orange/layout.inc.php
directly makes PHP return a fatal error that discloses the full path of the file on the server.

Exploitation URL: http://www.example.com/phpMyAdmin/themes/darkblue_orange/layout.inc.php

Vulnerable: phpMyAdmin v2.9.1.1

Solution: go to line 33 and comment the line.
//$GLOBALS['cfg']['MainBackground']....;

Proof Of Concept: http://www.example.com/phpMyAdmin/themes/darkblue_orange/layout.inc.php
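Commenting out one line removes the trigger but not the underlying condition: an include file that assumes state set up by the application, and a PHP configuration that renders error text (file path included) into the HTTP response. The following is an added example, not phpMyAdmin's code, showing the two defensive layers a maintainer would normally apply: a direct-access guard in the include file and error handling that logs the full message server-side while the client gets a generic page. The constant name PMA_ENTRY, the file layout and the setting names under $GLOBALS['cfg'] are assumptions for illustration.

```php
<?php
// Added example (not phpMyAdmin code). Hardening against the full-path disclosure
// described in the advisory: a fatal error in any include must never echo the
// filesystem path to the client, and theme includes must refuse direct requests.
// PMA_ENTRY and the $GLOBALS['cfg'] keys used below are assumed names.

// ---- bootstrap.inc.php: included first by every real entry point --------------
ini_set('display_errors', '0');   // never render error text into the response
ini_set('log_errors', '1');       // ...but keep it in the server error log
error_reporting(E_ALL);

// Non-fatal errors: log the real message (path and line) and return true so that
// PHP suppresses its own output, which would otherwise contain $errfile.
function app_error_handler($errno, $errstr, $errfile, $errline)
{
    error_log(sprintf('[app] (%d) %s in %s:%d', $errno, $errstr, $errfile, $errline));
    return true;
}
set_error_handler('app_error_handler');

// Fatal errors bypass set_error_handler(). Catch them at shutdown: the real
// message goes to the log, the client sees a 500 with no file name or path.
function app_shutdown_handler()
{
    $e = error_get_last();
    $fatal = array(E_ERROR, E_PARSE, E_CORE_ERROR, E_COMPILE_ERROR);
    if ($e !== null && in_array($e['type'], $fatal, true)) {
        error_log(sprintf('[app] fatal: %s in %s:%d', $e['message'], $e['file'], $e['line']));
        if (!headers_sent()) {
            header('HTTP/1.1 500 Internal Server Error');
        }
        echo 'An internal error occurred.';
    }
}
register_shutdown_function('app_shutdown_handler');

define('PMA_ENTRY', true); // proves that bootstrap ran before any include

// ---- themes/darkblue_orange/layout.inc.php (hardened form) -------------------
// A direct request for this file never passes through bootstrap, so PMA_ENTRY is
// undefined; answer with 403 and say nothing about where the file lives.
if (!defined('PMA_ENTRY')) {
    header('HTTP/1.1 403 Forbidden');
    exit;
}

// Theme settings: safe now, because bootstrap guarantees the state they rely on.
$GLOBALS['cfg']['MainBackground'] = '#F5F5F5';
$GLOBALS['cfg']['NaviBackground'] = '#D0DCE0';
```

The guard makes the theme file harmless on its own, and the error handling makes the whole application safe even if a future include forgets the guard. A third layer, independent of PHP, is to have the web server refuse requests for include files outright (for Apache, a FilesMatch rule on \.inc\.php$ that denies access), so that such files can only ever be reached through an entry script.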
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/