FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

WebCalendar -- information disclosure vulnerability

Affected packages
WebCalendar < 1.0.4

Details

VuXML ID 09c92f3a-fd49-11da-995c-605724cdf281
Discovery 2006-05-30
Entry 2006-06-16
Modified 2006-06-17

Secunia reports:

socsam has discovered a vulnerability in WebCalendar, which can be exploited by malicious people to bypass certain security restrictions and disclose sensitive information.

Input passed to the "includedir" parameter isn't properly verified, before it is used in an "fopen()" call. This can be exploited to load an arbitrary setting file from an external web site.

This can further be exploited to disclose the content of arbitrary files by defining the "user_inc" variable in a malicious setting file.

Successful exploitation requires that "register_globals" is enabled.

References

Bugtraq ID 18175
CVE Name CVE-2006-2762
URL http://www.securityfocus.com/archive/1/435379
URL http://www.securityfocus.com/archive/1/436263