Gossamer Threads DBMan Information Leakage Vulnerability

Solution:
Gossamer Threads has released the following solution. Verify that $db_debug is turned off in the configuration file and replace cgierr in the db.cgi file with the following:

sub cgierr {
# --------------------------------------------------------
# Displays any errors and prints out FORM and ENVIRONMENT
# information. Useful for debugging.

if (!$html_headers_printed) {
print "Content-type: text/html\n\n";
$html_headers_printed = 1;
}
print "DBMan encountered an internal error. ";
if ($db_debug) {
print

"</font></p>
<div align="left"><pre><font size="3"
face="Arial, Helvetica, sans-serif">\n\nCGI ERROR\n==========================================\n";
$_[0] and print "Error Message : $_[0]\n";
$0 and print "Script Location : $0\n";
$] and print "Perl Version : $]\n";
$db_setup and print "Setup File : $db_setup.cfg\n";
$db_userid and print "User ID : $db_userid\n";
$db_uid and print "Session ID : $db_uid\n";

print "\nForm Variables\n-------------------------------------------\n";
foreach $key (sort keys %in) {
my $space = " " x (20 - length($key));
print "$key$space: $in{$key}\n";
}
print "\nEnvironment Variables\n-------------------------------------------\n";
foreach $env (sort keys %ENV) {
my $space = " " x (20 - length($env));
print "$env$space: $ENV{$env}\n";
}
print "\n</font></pre>
</div><p><font size="3"
face="Arial, Helvetica, sans-serif">"; } else {
print "Please enable debugging to view."; }
exit -1; }



 

Privacy Statement
Copyright 2010, SecurityFocus