Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16699
HistoryApr 13, 2007 - 12:00 a.m.

[Full-disclosure] [OPENADS-SA-2007-004] Max Media Manager v0.1.29-rc and v0.3.31-alpha-pr2 vulnerability fixed

2007-04-1300:00:00
vulners.com
45

========================================================================
Openads security advisory OPENADS-SA-2007-004

Advisory ID: OPENADS-SA-2007-004
Date: 2007-Apr-11
Security risk: medium risk
Applications affetced: Max Media Manager
Versions affected: <= v0.1.29-rc, <= v0.3.31-alpha-pr2
Versions not affected: >= v0.3.31-alpha-pr3

========================================================================
Vulnerability: HTTP response splitting

Description

The ck.php (or adclick.php in v0.1.x) script is vulnerable to HTTP
response splitting attacks because the "maxdest" parameter is not
properly sanitized.

The vulnerability DOES NOT affect those running PHP >= 4.4.2 or PHP >=
5.1.2, because the header function blocks this kind of attacks.

References

  • OPENADS-SA-2007-03

Solution

  • Those running MMM v0.3.x should upgrade to v0.3.31-alpha-pr3
  • Those running MMM v0.1.x should replace adclick.php with the updated
    file:

https://developer.openads.org/browser/branches/max/branches/0.1/adclick.php?rev=5697&amp;format=raw

Contact informations

The security contact for Openads can be reached at:
<security AT openads DOT org>

Best regards

Matteo Beccati
http://www.openads.org
http://phpadsnew.com
http://phppgads.com


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/