View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0015405 | phpList 3 application | Security | public | 20-01-10 12:37 | 12-07-19 13:04 |

| Target Version | Fixed in Version |
|---|---|
| | |

Summary: 0015405: Security issue with Version Number and Possible Probe
Description:

This is a two-part issue. The first is only in theory, based on logs from when the system was probed. The second is displaying the version number.
1. I see this returning a 200 response, indicating it was possibly successful.
/?p=unsubscribe/admin/index.php?_SERVER[ConfigFile]=./../../../../../../../../../../../../../../../../etc/group HTTP Response 200
2. Version numbers for any software should never be visible to the public. It's a best practice, because attackers can then find exploits based on the version you're running. I was able to strip most version numbers from my install, but it turns out it's still on the 404 page. How can I remove the version from the 404 pages? All users should do this ASAP.

Side Note: I believe you should add a Security category to Mantis.
Tags: No tags attached.
Point 1 has been fixed.
Point 2 is a good suggestion, although I'd make it a "paranoid" setting :-)

Number one has been fixed? How can I find out more information about this fix and issue?
I agree with you, that would be great to have a paranoid type setting!

Point 1 is a variant of the _SERVER[ConfigFile] vulnerability that was fixed in 2.10.9.
The double ? will have caused it to not work, so it's not vulnerable.
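As an added, defender-side illustration (not phpList code, and not from anyone in this thread): how a web server's query parser actually handles the request line quoted in the report, which is why the second `?` defuses it, plus a small log scanner that flags such probes without trusting the status code. The log lines are constructed; the parameter name `_SERVER[ConfigFile]` is the one named above.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed access-log sample (Apache-style). The first request is the probe
# quoted in this report with a shorter ../ chain; the other two are made up.
SAMPLE_LOG = """\
192.0.2.10 - - [10/Jan/2010:12:30:01 +0000] "GET /?p=unsubscribe/admin/index.php?_SERVER[ConfigFile]=./../../../../etc/group HTTP/1.1" 200 5120
192.0.2.11 - - [10/Jan/2010:12:31:07 +0000] "GET /lists/?p=subscribe&id=1 HTTP/1.1" 200 2048
192.0.2.12 - - [10/Jan/2010:12:32:44 +0000] "GET /lists/admin/index.php?_SERVER[ConfigFile]=/etc/group HTTP/1.1" 404 310
"""

REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
TRAVERSAL_RE = re.compile(r"(^|[\\/])\.\.([\\/]|$)")


def query_params(target):
    """Split a request target the way the web server does: only the FIRST '?'
    starts the query string, so a second '?' stays inside a parameter value."""
    return parse_qs(urlsplit(target).query, keep_blank_values=True)


def probe_indicators(target):
    """Indicator names found in a request target. The status code is never
    consulted: a 200 only says a page was served, not that the probe worked."""
    params = query_params(target)
    found = set()
    if any(k.startswith("_SERVER[") for k in params):
        found.add("server-superglobal-key")  # a genuine top-level _SERVER[...] param
    for value in (unquote(v) for vs in params.values() for v in vs):
        if "_SERVER[" in value:
            found.add("server-superglobal-in-value")  # swallowed by the second '?'
        if TRAVERSAL_RE.search(value):
            found.add("path-traversal")
    return found


def scan_log(text):
    """Return (status, target, indicators) for each line with an indicator."""
    hits = []
    for line in text.splitlines():
        match = REQUEST_RE.search(line)
        if match:
            indicators = probe_indicators(match["target"])
            if indicators:
                hits.append((int(match["status"]), match["target"], indicators))
    return hits
```

For the reported line, `query_params` yields a single parameter `p` whose value carries the whole `_SERVER[ConfigFile]=...` tail, so the application never sees a `_SERVER[ConfigFile]` parameter; the scanner still reports the line, and does so for the 404 case too.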