info
discussion
exploit
solution
references
SWSoft Confixx Backup And Restore Script Information Disclosure And File Ownership Vulnerabilities
Solution:
The vendor has released patches to fix these vulnerabilities:
SWSoft Confixx Pro 3
SWSoft confixx_update_Pro_3.0.3_mysql3.tgz
For MySQL version 3.x users.
ftp://download1.sw-soft.com/Confixx/ConfixxPro3/3.0.3/confixx_update_P ro_3.0.3_mysql3.tgz
SWSoft confixx_update_Pro_3.0.3_mysql4.tgz
For MySQL version 4.x users.
ftp://download1.sw-soft.com/Confixx/ConfixxPro3/3.0.3/confixx_update_P ro_3.0.3_mysql4.tgz
SWSoft confixx_v3.0.3_hotfix_002.sh.gz
ftp://download1.sw-soft.com/Confixx/ConfixxPro3/3.0.3/confixx_v3.0.3_h otfix_002.sh.gz
SWSoft confixx_v3.0.3_mysql3_hotfix_003.sh.gz
For MySQL version 3.x users.
ftp://download1.sw-soft.com/Confixx/ConfixxPro3/3.0.3/confixx_v3.0.3_m ysql3_hotfix_003.sh.gz
SWSoft confixx_v3.0.3_mysql4_hotfix_003.sh.gz
For MySQL version 4.x users.
ftp://download1.sw-soft.com/Confixx/ConfixxPro3/3.0.3/confixx_v3.0.3_m ysql4_hotfix_003.sh.gz
Privacy Statement
Copyright 2010, SecurityFocus