Web application abuses : DokuWiki '.php' Files Information Disclosure Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.902734

Categoría: Web application abuses

Título: DokuWiki '.php' Files Information Disclosure Vulnerability

Resumen: DokuWiki is prone to an information disclosure vulnerability.

Descripción: Summary:
DokuWiki is prone to an information disclosure vulnerability.

Vulnerability Insight:
The flaw is due to error in certain '.php' files. A direct
request to these files reveals the installation path in an error message.

Vulnerability Impact:
Successful exploitation will allow attacker to gain sensitive
information.

Affected Software/OS:
DokuWiki version 2009-12-25c.

Solution:
Upgrade to DokuWiki version dokuwiki-20121013 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-3727
BugTraq ID: 56328
http://www.securityfocus.com/bid/56328
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090755.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090938.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090899.html
http://security.gentoo.org/glsa/glsa-201301-07.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2013:073
http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README
http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/dokuwiki-2009-12-25c
http://www.openwall.com/lists/oss-security/2011/06/27/6

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.902734
Categoría:	Web application abuses
Título:	DokuWiki '.php' Files Information Disclosure Vulnerability
Resumen:	DokuWiki is prone to an information disclosure vulnerability.
Descripción:	Summary: DokuWiki is prone to an information disclosure vulnerability. Vulnerability Insight: The flaw is due to error in certain '.php' files. A direct request to these files reveals the installation path in an error message. Vulnerability Impact: Successful exploitation will allow attacker to gain sensitive information. Affected Software/OS: DokuWiki version 2009-12-25c. Solution: Upgrade to DokuWiki version dokuwiki-20121013 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3727 BugTraq ID: 56328 http://www.securityfocus.com/bid/56328 http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090755.html http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090938.html http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090899.html http://security.gentoo.org/glsa/glsa-201301-07.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:073 http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/dokuwiki-2009-12-25c http://www.openwall.com/lists/oss-security/2011/06/27/6
Copyright	Copyright (C) 2011 Greenbone AG