CVE Logo

 

 

 

Best Security Research

 »  netVigilance is an active contributor to nvd.nist.gov
 
 » Every vulnerability in our database is independently scored according to CVSS 2.0
 
 » Our Scoring is compared to nvd.nist.gov and inconsistencies are reported to the NVD team at NIST
 
 »

netVigilance is responsible for more than 400 changes to the National Vulnerability Database - more than anyone else.
 

 » Our Professional Services team will validate any vulnerability Scoring for you.
 
netVigilance Security Advisory
 
 
 
LifeType version 1.1.2 Multiple Path
 
Disclosure Vulnerabilities
*

Fact: More than 15 vulnerabilities were discovered EVERY day of 2009

Description: 

LifeType is a Blogging platform built with PHP, designed with maximum customizability, speed and ease of use in mind. Due to program flaws it is possible for the remote attacker to disclose the true path of the server-side script.

External References: 
Mitre CVE: CVE-2006-6112 
NVD NIST: CVE-2006-6112
OSVDB: 30685  30686 

Summary: 
LifeType is a blogging platform built with PHP, designed with maximum customizability, speed and ease of use in mind.
A security problem in the product allows attackers to gather the true path of the server-side script. 

Release Date:
November 30 2006

Severity:
Risk: Low
 
CVSS Metrics
Access Vector: Remote
Access Complexity: Low
Authentication: not-required
Confidentiality Impact: Partial
Integrity Impact: None
Availability Impact: None
Impact Bias: Normal
CVSS Base Score: 2.3
 
Target Distribution on Internet: Low
 
Exploitability: Functional Exploit
Remediation Level: Official Fix
Report Confidence: Confirmed
 
Vulnerability Impact: Attack
Host Impact: Path disclosure. 

SecureScout Testcase ID:
TC 17938

Vulnerable Systems:
Lifetype version 1.1.2 and earlier 

Vulnerability Type:
Program flaw - The bayesianfilter.class.php and bootstrap.php scripts has flaws which lead to a Warning or even Fatal Errors.

Vendor Status: 
The Vendor has been notified. LifeType has released an immediate patch, Soon to be released version 1.1.3 and above solves the problem.
For Additional information see vendors release here !
To download latest version goto Lifetype's download section 

Workaround: 
Disable warning messages: modify in the php.ini file following line display_errors = Off 
Or modify .htaccess file (this will work only for the apache servers).

Example: 
HTTP REQUEST http://[TARGET]/[lifetype-directory]/class/bootstrap.php

REPLY
......
Notice: Use of undefined constant PLOG_CLASS_PATH - assumed 'PLOG_CLASS_PATH' in [FULL PATH TO FILE]bootstrap.php on line 24

Warning: main(PLOG_CLASS_PATHclass/object/exception.class.php): failed to open stream: No such file or directory in [FULL PATH TO FILE]bootstrap.php on line 24

Warning: main(): Failed opening 'PLOG_CLASS_PATHclass/object/exception.class.php' for inclusion (include_path='.;/usr/local/php/PEAR') in [FULL PATH TO FILE]bootstrap.php on line 24

Notice: Use of undefined constant PLOG_CLASS_PATH - assumed 'PLOG_CLASS_PATH' in



or 

HTTP REQUEST http://[TARGET]/[lifetype-directory]/class/security/bayesianfilter.class.php

REPLY
...
Notice: Use of undefined constant PLOG_CLASS_PATH - assumed 'PLOG_CLASS_PATH' in [FULL PATH TO FILE]bayesianfilter.class.php on line 3

Warning: main(PLOG_CLASS_PATHclass/security/pipelinefilter.class.php): failed to open stream: No such file or directory in [FULL PATH TO FILE]bayesianfilter.class.php on line 3

Warning: main(): Failed opening 'PLOG_CLASS_PATHclass/security/pipelinefilter.class.php' for inclusion (include_path='.;/usr/local/php/PEAR') in [FULL PATH TO FILE]bayesianfilter.class.php on line 3

Notice: Use of undefined constant PLOG_CLASS_PATH - assumed 'PLOG_CLASS_PATH' in [FULL PATH TO FILE]bayesianfilter.class.php on line 4

Warning: main(PLOG_CLASS_PATHclass/net/client.class.php): failed to open stream: No such file or directory in [FULL PATH TO FILE]bayesianfilter.class.php on line 4

Warning: main(): Failed opening 'PLOG_CLASS_PATHclass/net/client.class.php' for inclusion (include_path='.;/usr/local/php/PEAR') in [FULL PATH TO FILE]bayesianfilter.class.php on line 4

Fatal error: Class bayesianfilter: Cannot inherit from undefined class pipelinefilter in [FULL PATH TO FILE]bayesianfilter.class.php on line 29
...



Credits: 
Jesper Jurcenoks
Co-founder netVigilance, Inc
www.netvigilance.com 

 

back to Security Advisories 

 

 

Copyright©2004-2011,  netVigilance, Inc.   All rights reserved  • Privacy Policy

netVigilance©