SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
SecurityTracker
Archives
Category:  Application (Forum/Board/Portal)  >  Jetbox CMS Vendors:  jetboxone.sourceforge.net
[Not a Vulnerability] Jetbox CMS Include File Bug in 'includes/phpdig/libs/search_function.php' Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1016765
SecurityTracker URL:  http://securitytracker.com/id?1016765
CVE Reference:  CVE-2006-4422
Updated:  Aug 29 2006
Original Entry Date:  Aug 29 2006
Impact:  Execution of arbitrary code via network, User access via network
Exploit Included:  Yes  
Description:  A vulnerability was reported in Jetbox CMS. A remote user can include and execute arbitrary code on the target system. [Editor's note: The 'relative_script_path' parameter is set to a static value and cannot be exploited. This is not a vulnerability.]

The 'includes/phpdig/libs/search_function.php' script does not properly validate user-supplied input in the 'relative_script_path' parameter. A remote user can supply a specially crafted URL to cause the target system to include and execute arbitrary PHP code from a remote location. The PHP code, including operating system commands, will run with the privileges of the target web service.

A demonstration exploit URL is provided:

http://[target]/path/includes/phpdig/libs/search_function.php?relative_script_path=[Evil Code]

CarcaBot discovered this vulnerability.

[Editor's note: This is not a genuine vulnerability. This Alert will be deleted from our database shortly.]

Impact:  A remote user can execute arbitrary PHP code and operating system commands on the target system with the privileges of the target web service.
Solution:  No solution was available at the time of this entry.

[Editor's note: The 'relative_script_path' parameter is set to a static value and cannot be exploited. This is not a vulnerability.]
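To illustrate the editor's triage point, the following is an added Python checker (not SecurityTracker's or the Jetbox project's code) that scans PHP source and reports, for each include/require built from a variable, whether that variable was assigned a string literal before use, comes straight from a request superglobal, or is unverified. The PHP fragments, the function name and the remark about PHP's legacy register_globals setting are assumptions for illustration, not Jetbox CMS source.

```python
import re

# Constructed PHP fragments (hypothetical; not Jetbox CMS source).
STATIC_SRC = """<?php
$relative_script_path = '..';
include($relative_script_path.'/libs/htmlheader.php');
"""
LATE_ASSIGN_SRC = """<?php
include($relative_script_path.'/libs/htmlheader.php');
$relative_script_path = '..';
"""
REQUEST_SRC = """<?php
include($_GET['relative_script_path'].'/libs/htmlheader.php');
"""

# $var = 'literal';  or  $var = "literal";
ASSIGN_RE = re.compile(r"""\$(\w+)\s*=\s*(?:'[^']*'|"[^"]*")\s*;""")
# include/require(_once) whose path expression starts with a variable
INCLUDE_RE = re.compile(r"\b(?:include|require)(?:_once)?\s*\(?\s*\$(\w+)")
SUPERGLOBALS = {"_GET", "_POST", "_REQUEST", "_COOKIE"}

def triage_includes(src):
    """Return (line_no, var, status) for each include/require that builds its
    path from a variable.  status is 'request-controlled' (path taken straight
    from a request superglobal), 'static' (variable assigned a string literal
    earlier in the file, as the editor found here) or 'unverified' (no literal
    assignment before use; under PHP's legacy register_globals such a variable
    could be seeded from the query string, so it needs manual review)."""
    assigned = set()
    findings = []
    for n, line in enumerate(src.splitlines(), 1):
        inc = INCLUDE_RE.search(line)
        # assignments that appear before the include on this line count for it
        for a in ASSIGN_RE.finditer(line):
            if inc is None or a.start() < inc.start():
                assigned.add(a.group(1))
        if inc:
            var = inc.group(1)
            if var in SUPERGLOBALS:
                status = "request-controlled"
            elif var in assigned:
                status = "static"
            else:
                status = "unverified"
            findings.append((n, var, status))
        # assignments after the include on this line count for later lines
        for a in ASSIGN_RE.finditer(line):
            assigned.add(a.group(1))
    return findings
```

Run `triage_includes` over each fragment: only the STATIC_SRC pattern matches the editor's description of a statically set parameter, while the other two would warrant a closer look.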

Vendor URL:  jetbox.streamedge.com/
Cause:  Input validation error, State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)
Reported By:  carcabotx@yahoo.com
Message History:   None.


 Source Message Contents

Date:  28 Aug 2006 13:08:08 -0000
From:  carcabotx@yahoo.com
Subject:  JetBox cms (search_function.php) Remote File Include

 
############################################
Found by : CarcaBot
--
E-mail : CarcaBotx [at] Yahoo [dot] com
--
$relative_script_path.'/libs/htmlheader.php
--
Exploit
--
# Google Dork: powered by Jetbox CMS
--
http://www.sitename.com/path/includes/phpdig/libs/search_function.php?relative_script_path=[Evil Code]
--
Greets goes to : CarcaBot Administrator of Romanian Electronic Network Security Lab Team http://Hacking.CarcaBot.ro - Best Romanian Hacking Source


Copyright 2006, SecurityGlobal.net LLC