TYPO3-20051114-7: TYPO3 Security Bulletin

Categories: TYPO3 CMS Created by Ekkehard Gümbel
Situations are imaginable where sensitive information gets stored in the fileadmin/_temp_/ directory. If misconfigured in your web server, this directory can be browsable and therefore expose that information.

Component Type: Core

Affected Components: File Editor in Install Tool

Versions: TYPO3 3.8.0 and earlier

Vulnerability Type: Information Disclosure

Severity: High

Problem Description:
Situations are imaginable where sensitive information gets stored in the fileadmin/_temp_/ directory. If misconfigured in your web server, this directory can be browsable and therefore expose that information.

Solution:

Generally, please make sure to configure your web server to not allow directory indexing (or limit it to directories where you really want it).

Furthermore, we recommend to create a .htaccess file in fileadmin/_temp_/ that contains the lines

Order deny,allow
Deny from all

From TYPO3 3.8.1 on, full installation packages ("Dummy", "Quickstart" etc.) contain this .htaccess file by default.

Credits:
Thanks to Stefan Aebischer for notifying us.