Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )

Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
Опубликовано:		8 мая 2007 г.
Источник:
SecurityVulns ID:		7676
Тип:		удаленная
Уровень опасности:		5/10
Описание:		Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.

Затронутые продукты:		OTRS : OTRS 2.0
		ADVANCEDGUESTBOO : Advanced Guestbook 2.4
		PHPHTMLLIB : PHPHtmlLib 2.4
		AMEROCANCART : american cart 3.5
		FIPSASP : fipsCMS 2.1
		PFA : pfa CMS 6.0
CVE:		CVE-2007-0609 (Directory traversal vulnerability in Advanced Guestbook 2.4.2 allows remote attackers to bypass .htaccess settings, and execute arbitrary PHP local files or read arbitrary local templates, via a .. (dot dot) in a lang cookie, followed by a filename without its .php extension, as demonstrated via a request to index.php.)
		CVE-2007-0608 (Advanced Guestbook 2.4.2 allows remote attackers to obtain sensitive information via an invalid (1) GB_TBL parameter to (a) lang/codes-english.php or (b) image.php, which reveal the database name; (2) an invalid GB_DB parameter to index.php, coupled with a ../index lang cookie, which reveals the installation path; or (3) a direct request to index.php with no parameters or cookies, which reveals the installation path.)
		CVE-2007-0605 (Cross-site scripting (XSS) vulnerability in picture.php in Advanced Guestbook 2.4.2 allows remote attackers to inject arbitrary web script or HTML via the picture parameter.)

Оригинальный текст		securityresearch_(at)_netvigilance.com, [Full-disclosure] Advanced Guestbook version 2.4.2 Directory Traversal Vulnerability (08.05.2007)
		securityresearch_(at)_netvigilance.com, [Full-disclosure] Advanced Guestbook version 2.4.2 Multiple XSS Attack Vulnerabilities (08.05.2007)
		ilkerKandemir_(at)_mynet.com, pfa CMS v6.0 (index.php repinc) Remote File Include Vulnerability (08.05.2007)
		ilkerKandemir_(at)_mynet.com, fipsCMS v2.1 Remote SQL injection Vulnerability (08.05.2007)
		ilkerKandemir_(at)_mynet.com, phpHoo3 (admin.php) Remote Login Bypass SQL Injection Vulnerability (08.05.2007)
		kepledehlah_(at)_eluwini.co.uk, american cart 3.* (abs_path) remote file include (08.05.2007)
		securityresearch_(at)_netvigilance.com, Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities (08.05.2007)
		ciri_(at)_virtuax.be, OTRS <= 2.0.x XSS/XSRF (08.05.2007)

Файлы: