Burts AIS, osCommerce & More Blog
New URL: www.osworld.biz

Wednesday, July 20, 2005

New osCommerce Bug (serious)

http://online.securityfocus.com/bid/14294/info

osCommerce is prone to an information disclosure vulnerability. An attacker could exploit this vulnerability to display the contents of any file normally readable by the Web server process. Successful exploitation would result in information disclosure. Information obtained could be used to aid in further attacks against the underlying system; other attacks are also possible. This issue reportedly affects osCommerce version 2.2 milestone 2; other versions may also be vulnerable.
Exploit: http://www.example.com/catalog/extras/update.php?readme_file=/etc/passwd Solution: Remove the "extras" folder as this is not needed to run osCommerce. In plain English: This exploit allows an attacker to view files on the server that are not a part of osCommerce, and could theoretically hack the server.

New URL: www.osworld.biz - thanks!

1 Comments:

At 7/20/2005 11:45:00 AM, Blogger WizardsandWars said...

Wow, that's an ugly one.

I'll put that one up there with the 'change the language and make the prices all $0' exploit.


There's another bug that does something similar to this one, where using it could allow you to view all files on the server, even outside of your account, but I don't remember off the top of my head what it is. I'll look it up and post it here later.

 

Post a Comment

<< Home

View Latest Posts

To View Newer Posts - Click Here!