[Possible] Internal Path Disclosure (*nix) - Vulnerability Database

Description

This vulnerability occurs when a web application exposes internal Unix/Linux file system paths in its responses, such as error messages, debug output, or stack traces. These paths (e.g., /var/www/html/app/config.php or /home/user/application/src/) reveal information about the server's directory structure and file organization. While not directly exploitable, this information aids attackers in understanding the application's architecture and planning more targeted attacks.

This alert may be a false positive; manual confirmation is required.

Remediation

Implement the following measures to prevent internal path disclosure:

1. Disable detailed error messages in production: Configure your web server and application framework to display generic error pages instead of detailed stack traces or debug information.

2. Configure custom error handlers: Implement application-level error handling that logs detailed errors server-side while presenting sanitized messages to users.

Example for PHP:

; In production configuration (php.ini)
display_errors = Off
log_errors = On
error_log = /var/log/php_errors.log

Example for Python (Flask):
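from flask import Flask
from werkzeug.exceptions import HTTPException

app = Flask(__name__)
app.config['DEBUG'] = False
app.config['PROPAGATE_EXCEPTIONS'] = False

@app.errorhandler(Exception)
def handle_error(e):
    if isinstance(e, HTTPException):
        return e  # keep normal 404/405 responses as they are
    # Log details server-side; send only a generic message to the client
    app.logger.exception('Error: %s', e)
    return 'An error occurred', 500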

3. Review application output: Audit error messages, debug logs, and API responses to ensure no absolute paths are exposed to end users.

4. Use relative paths: Where possible, use relative paths in application code and avoid displaying file system references in user-facing content.
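
One way to carry out the audit in step 3, as an added example that is not part of the original page or of any Invicti tooling: a heuristic check that scans response bodies for absolute *nix paths. The list of root directories, the function names and the sample responses are assumptions constructed for illustration, and any hit still needs manual confirmation.

```python
import re

# Assumption: top-level directories that commonly appear in leaked *nix paths.
ROOTS = ("var", "home", "usr", "etc", "opt", "srv", "tmp", "root", "mnt")

PATH_RE = re.compile(
    r"""(?<![\w.:/-])      # not the tail of a URL or a longer token
        (?<!=["'])         # not an HTML attribute value such as href="/home/..."
        /(?:%s)            # absolute path rooted at a known directory
        (?:/[\w.+@-]+)+    # followed by at least one more path segment
    """ % "|".join(ROOTS),
    re.VERBOSE,
)


def find_unix_paths(body: str) -> list[str]:
    """Return distinct candidate internal paths in a response body, in order."""
    found = (m.group(0).rstrip(".") for m in PATH_RE.finditer(body))
    return list(dict.fromkeys(found))


def audit(responses: dict[str, str]) -> dict[str, list[str]]:
    """Map each endpoint to the candidate paths its response exposes."""
    hits = {url: find_unix_paths(body) for url, body in responses.items()}
    return {url: paths for url, paths in hits.items() if paths}


# Constructed sample responses (not captured from any real application).
SAMPLES = {
    "/index.php": "Warning: include(/var/www/html/app/config.php): failed to "
                  "open stream in /var/www/html/app/index.php on line 12",
    "/api/report": 'Traceback (most recent call last):\n  File '
                   '"/home/user/application/src/app.py", line 3, in view',
    # Ordinary links that only look like paths: must not be reported.
    "/about": '<a href="/home/about">About</a> '
              '<img src="https://cdn.example.com/usr/share/logo.png">',
}

if __name__ == "__main__":
    for url, paths in audit(SAMPLES).items():
        print(url, "->", ", ".join(paths))
```

Run it against responses collected from error-triggering requests in a staging environment; site-relative links and URLs are skipped, which keeps the false-positive rate down but does not remove the need for review.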