SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Generic)  >   PHProjekt Vendors:   Guenther, Albrecht
PHProjekt 'authform.inc.php' Include File Flaw Lets Remote Users Execute Arbitrary Command
SecurityTracker Alert ID:  1012708
SecurityTracker URL:  http://securitytracker.com/id/1012708
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Dec 28 2004
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 4.2.2
Description:   Phil C. reported a vulnerability in PHProjekt in 'authform.inc.php'. A remote user can execute arbitrary commands on the target system.

It is reported that a remote user can supply a specially crafted $path_pre variable to cause 'authform.inc.php' to include and execute arbitrary PHP code from a remote location. The PHP code, including operating system commands, will run with the privileges of the target web service.
Impact:   A remote user can execute arbitrary PHP code and operating system commands on the target system with the privileges of the target web service.
Solution:   The vendor has issued a fixed version (4.2.3), available at:

http://www.phprojekt.com/

Also, a patch is available at:

http://www.phprojekt.com/files/4.2/lib.zip
Vendor URL:  www.phprojekt.com/ (Links to External Site)
Cause:   Input validation error, State error
Underlying OS:   Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Dec 31 2004 (Gentoo Issues Fix) PHProjekt 'authform.inc.php' Include File Flaw Lets Remote Users Execute Arbitrary Command   (Thierry Carrez <koon@gentoo.org>)
Gentoo has released a fix.


 Source Message Contents
Date:  Mon, 27 Dec 2004 16:53:38 -0800
Subject:  PHProjekt Remote File Include Vulnerability


Website: http://www.phprojekt.com/
Affected: PHProjekt
Version: 4.2.2
Vulnerable file: authform.inc.php
Discovered date: 2004-12-10
Disclosed date: 2004-12-27
Vendor notified: Yes
Disclosed by: Phil C. (phil.c@cytechnet.com)

Summary:
The script authform.inc.php does not properly validate user input allowing a
remote user to

define the global variable $path_pre to cause the script to execute arbitrary
PHP code from a

remote server. This allows a remote user to execute operating system commands
with the

privileges of the target web server.

Vendor Status: Fixed
Current Version: 4.2.3
Patch: http://www.phprojekt.com/files/4.2/lib.zip

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC