Vulnerability Description
Lyris ListManager 8.5, and possibly other versions before 8.8, includes sensitive information in the env hidden variable, which allows remote attackers to obtain information such as the installation path by requesting a non-existent page and reading the env variable from the resulting error message page.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lyris Technologies Inc | Listmanager | 5.0 |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0349.html
- http://metasploit.com/research/vulns/lyris_listmanager/Exploit
- http://secunia.com/advisories/17943PatchVendor Advisory
- http://www.osvdb.org/21552Exploit
- http://www.securityfocus.com/archive/1/419077/100/0/threaded
- http://www.securityfocus.com/bid/15789
- http://www.vupen.com/english/advisories/2005/2820
- http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0349.html
- http://metasploit.com/research/vulns/lyris_listmanager/Exploit
- http://secunia.com/advisories/17943PatchVendor Advisory
- http://www.osvdb.org/21552Exploit
- http://www.securityfocus.com/archive/1/419077/100/0/threaded
- http://www.securityfocus.com/bid/15789
- http://www.vupen.com/english/advisories/2005/2820
FAQ
What is CVE-2005-4148?
CVE-2005-4148 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Lyris ListManager 8.5, and possibly other versions before 8.8, includes sensitive information in the env hidden variable, which allows remote attackers to obtain information such as the installation p...
How severe is CVE-2005-4148?
CVE-2005-4148 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4148?
Check the references section above for vendor advisories and patch information. Affected products include: Lyris Technologies Inc Listmanager.