SecurityTracker.com
Category:   Application (Generic)  >   PlaySMS
Vendors:   playsms.sourceforge.net
PlaySMS Lets Remote Users Inject SQL and Execute Arbitrary PHP Code
SecurityTracker Alert ID:  1010738
SecurityTracker URL:  http://securitytracker.com/id/1010738
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Jul 19 2004
Impact:   Execution of arbitrary code via network, User access via network

Version(s): 0.6 and prior versions
Description:   Two vulnerabilities were reported in PlaySMS. A remote user may be able to execute commands on the target system. A remote user may be able to inject SQL commands.

The vendor reported that a remote user can cause the system to include and execute arbitrary PHP files with the privileges of the target web service. It is also reported that a remote user can supply a specially crafted request to inject SQL commands to be executed by the underlying database.

It may also be possible to issue an SMS command to cause certain scripts on the system to be executed.

No further details were provided.

Impact:   A remote user can execute arbitrary PHP code on the target system. The code will run with the privileges of the target user.

A remote user can inject SQL commands to be executed by the underlying database.

A remote user may be able to execute certain scripts on the target system.

Solution:   The vendor has issued a fixed version (0.7), available at:

http://sourceforge.net/project/showfiles.php?group_id=97032&package_id=103784

Vendor URL:  playsms.sourceforge.net/web/
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.


 Source Message Contents

Subject:  http://playsms.sourceforge.net/web/


http://playsms.sourceforge.net/web/

 > Version 0.7 - 040716

 > - Add $feat_command_path['bin'] in config.php, only script files located under
 >   defined directory will be available for execution by SMS command (security)
 > - Add security enhancements (protection from remote file include and some SQL injections)

OSVDB: 7961  PlaySMS Unspecified SQL Injections
OSVDB: 7962  PlaySMS Unspecified Remote File Inclusion
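The changelog entry above says 0.7 only runs script files located under the directory configured in $feat_command_path['bin']. The following is an added illustration of that kind of directory confinement check, written here for this page; it is not PlaySMS code, and the function name, directory path and sample inputs are assumptions.

```php
<?php
// Illustrative example, not PlaySMS code. Shows a confinement check of the
// kind the 0.7 changelog describes: a script named in an SMS command may only
// be executed if it resolves to a file directly under the configured directory.

// Hypothetical config.php entry, modelled on the $feat_command_path['bin']
// setting named in the changelog (path is an assumption).
$feat_command_path = array('bin' => '/var/lib/playsms/bin');

/**
 * Map an SMS-supplied script name to an absolute path inside $bin_dir,
 * or return null if the request must be refused.
 */
function resolve_command_script(string $requested, string $bin_dir): ?string
{
    // 1. Accept only a bare file name: letters, digits, dot, dash, underscore.
    //    Slashes, "..", NUL bytes and shell metacharacters never get this far.
    if (!preg_match('/\A[A-Za-z0-9][A-Za-z0-9._-]{0,63}\z/', $requested)) {
        return null;
    }

    // 2. Canonicalise both sides so symlinks and "." / ".." cannot escape.
    $base = realpath($bin_dir);
    $path = realpath($bin_dir . DIRECTORY_SEPARATOR . $requested);
    if ($base === false || $path === false) {
        return null; // directory or script does not exist
    }

    // 3. The canonical script must sit directly under the canonical base
    //    (a symlink inside bin/ pointing elsewhere fails this test).
    if (dirname($path) !== $base) {
        return null;
    }

    // 4. It must be a regular, executable file, not a directory or device.
    if (!is_file($path) || !is_executable($path)) {
        return null;
    }
    return $path;
}

// Constructed sample inputs, as a command name might arrive in an SMS text.
foreach (['balance.sh', '../../config.php', 'x;id', '/bin/sh'] as $name) {
    $resolved = resolve_command_script($name, $feat_command_path['bin']);
    printf("%-20s => %s\n", $name, $resolved ?? 'rejected');
}
```

Only the first name can pass, and only if a regular executable file of that name actually exists in the configured directory; the remaining three are refused by the name pattern before the filesystem is consulted.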


Copyright 2021, SecurityGlobal.net LLC