Common Vulnerabilities and Exposures assigned an identifier CVE-2011-3707 to the following vulnerability:

Name: CVE-2011-3707
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3707
Assigned: 20110923
Reference: http://www.openwall.com/lists/oss-security/2011/06/27/6
Reference: http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README
Reference: http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/auth

JanRain PHP OpenID library (aka php-openid) 2.2.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Auth/Yadis/Yadis.php and certain other files.
Created php-pear-Auth-OpenID tracking bugs for this issue Affects: fedora-all [bug 741383]
NOTABUG: The Fedora packages install php-pear-Auth-OpenID to /usr/share/pear/Auth_OpenID/ outside the webroot and there is no mapping/etc. to expose that directory. Also it appears this bug was originally reported by yehg.net to Google. Yehg sources:

http://yehg.net/lab/pr0js/advisories/path_disclosure/vanilla-2.0.16
http://yehg.net/lab/pr0js/advisories/path_disclosure/statusnet-0.9.6

indicate that some PHP apps ship a static copy of php-pear-Auth-OpenID within their files and expose them within the webroot.
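The NOTABUG reasoning above turns on one question: is a copy of the library reachable under the web document root or not? The following POSIX shell script is an added example (not part of the bug report and not from the php-openid project) that a package maintainer or administrator could run to answer it. It looks for the Auth/Yadis/Yadis.php file named in the CVE text plus Auth/OpenID.php (assumed to be part of the same library layout) under a given webroot, and checks whether a library install path such as /usr/share/pear/Auth_OpenID lies inside that root. The directory tree it builds under a temporary directory is constructed for illustration and mirrors the two situations the comment describes: a PEAR install outside the webroot and an application bundling a static copy inside it.

```shell
#!/bin/sh
# Added example, not code from the bug report or the php-openid project.
# Defender-side check for CVE-2011-3707-style exposure: find php-openid
# library files that sit under a web document root, and decide whether a
# library install path is inside a webroot at all.

# Print every php-openid hallmark file found under the given webroot.
# Auth/Yadis/Yadis.php comes from the CVE text; Auth/OpenID.php is an
# assumed second marker from the library's layout.
find_bundled_openid() {
    webroot="$1"
    find "$webroot" -type f \
        \( -path '*/Auth/Yadis/Yadis.php' -o -path '*/Auth/OpenID.php' \) \
        2>/dev/null | sort
}

# Return 0 (true) if the library directory is inside the webroot, so its
# .php files could be requested directly; return 1 otherwise.
path_inside_webroot() {
    libdir="$1"
    webroot="$2"
    case "$libdir/" in
        "$webroot"/*) return 0 ;;
        *) return 1 ;;
    esac
}

# Build a constructed sample tree in a temp dir and print its path.
setup_demo() {
    demo="$(mktemp -d)"
    # PEAR-style install outside the webroot (the Fedora layout in the report).
    mkdir -p "$demo/usr/share/pear/Auth_OpenID/Auth/Yadis"
    : > "$demo/usr/share/pear/Auth_OpenID/Auth/Yadis/Yadis.php"
    # An application shipping a static copy inside the document root.
    mkdir -p "$demo/var/www/html/app/library/Auth/Yadis"
    : > "$demo/var/www/html/app/library/Auth/Yadis/Yadis.php"
    : > "$demo/var/www/html/app/library/Auth/OpenID.php"
    printf '%s\n' "$demo"
}

# Count bundled copies under the constructed webroot (expected: 2).
demo_count() {
    demo="$(setup_demo)"
    n="$(find_bundled_openid "$demo/var/www/html" | wc -l | tr -d ' ')"
    rm -rf "$demo"
    printf '%s\n' "$n"
}

# Usage: sh check_openid.sh /var/www/html
if [ "$#" -gt 0 ]; then
    find_bundled_openid "$1"
fi
```

Any path the script prints is a copy that a direct request could reach; the remedy the comment implies is the same one Fedora applies, which is to keep the library outside the document root (or deny web access to that directory) rather than to rely on the application never hitting an error.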