[KAPDA::#11] - Mambo Open Source, Path disclosure

KAPDA New advisory

Vendor: http://www.mamboserver.com
Vulnerable Versions: 4.5.2.3, 4.5.2.2, 4.5.2.1, 4.5.2
Bug: path disclosure
Exploitation: Remote with browser

Discussion:
--------------------
Mambo is a feature-rich dynamic portal engine/content management tool capable of building sites from several pages to several thousand. Mambo uses PHP/MySQL and features a very comprehensive admin manager.

Vulnerability:
--------------------
A remote user can supply a specially crafted URL to cause the system to display an error message that discloses the installation path and other data. The bug exists in "content.php" (the Content Component of Mambo).

Demonstration URL:
--------------------
http://www.example.com/mambo/index.php?option=com_content&task=section&id=1&Itemid=PATH

Solution:
--------------------
There is no vendor-supplied patch for this issue at this time, but we are not advising you to upgrade to Joomla, because Mambo version 4.5.3 will be released soon (by the end of November this year). 4.5.3 represents the new Team's first consolidation of bug fixes and includes a number of security enhancements.

More Detail:
--------------------
Original advisory: http://irannetjob.com/content/view/153/28/
Farsi distribution of Mambo: http://www.mambo.ir

Credit:
--------------------
Discovered & released by trueend5 (trueend5 kapda ir)
Security Science Researchers Institute Of Iran [http://www.KAPDA.ir]
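With no vendor patch available, administrators may want to spot probing for this issue in their web server logs. The following is an added example (not part of the advisory or of Mambo): it parses Apache-style access log lines and flags requests to com_content whose id or Itemid parameter is not an integer, which is the pattern the demonstration URL above uses. The log lines are constructed for illustration.

```python
"""Flag requests that probe the Mambo com_content path-disclosure issue.

Added example; parameter names (option, id, Itemid) are taken from the
advisory's demonstration URL. Mambo expects numeric id/Itemid values, so a
non-integer value for either one is treated as a probe. Sample log lines
are constructed.
"""
import re
from urllib.parse import urlsplit, parse_qs

# Apache combined-log prefix: client IP, ident, user, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)

NUMERIC_PARAMS = ("id", "Itemid")

def is_probe(url: str) -> bool:
    """True if the request targets com_content with a non-integer id/Itemid."""
    parts = urlsplit(url)
    if not parts.path.endswith("index.php"):
        return False
    qs = parse_qs(parts.query, keep_blank_values=True)
    if qs.get("option", [""])[0] != "com_content":
        return False
    for name in NUMERIC_PARAMS:
        for value in qs.get(name, []):
            if not re.fullmatch(r"-?\d+", value):
                return True
    return False

def scan(lines):
    """Return (client_ip, url) for every log line that looks like a probe."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_probe(m.group("url")):
            hits.append((m.group("ip"), m.group("url")))
    return hits

# Constructed sample log lines (documentation IP ranges, fictional timestamps).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Nov/2005:10:00:01 +0000] "GET /mambo/index.php?option=com_content&task=section&id=1&Itemid=PATH HTTP/1.1" 200 5120',
    '198.51.100.2 - - [10/Nov/2005:10:00:02 +0000] "GET /mambo/index.php?option=com_content&task=view&id=12&Itemid=27 HTTP/1.1" 200 8900',
    '203.0.113.7 - - [10/Nov/2005:10:00:03 +0000] "GET /mambo/index.php?option=com_content&task=section&id=%27&Itemid=1 HTTP/1.1" 200 5000',
    '192.0.2.9 - - [10/Nov/2005:10:00:04 +0000] "GET /mambo/index.php?option=com_frontpage&Itemid=abc HTTP/1.1" 200 7000',
]

if __name__ == "__main__":
    for ip, url in scan(SAMPLE_LOG):
        print(f"possible path-disclosure probe from {ip}: {url}")
```

Only com_content requests are checked, matching the scope of this advisory; the com_frontpage line is deliberately left unflagged.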