Информационная безопасность
[RU] switch to English


Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
Опубликовано:3 апреля 2007 г.
Источник:
SecurityVulns ID:7522
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:2BGAL : 2BGal 3.1
 DIRECTADMIN : DirectAdmin 1.29
 MAPTOOLS : MapLab 2.2
 LAM : LDAP Account Manager 1.2
 HOLA : holaCMS 1.4
 MYBB : MyBulletinBoard 1.2
CVE:CVE-2007-1926 (Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in /var/log/directadmin/security.log; (3) allows context-dependent attackers to inject arbitrary web script or HTML into /var/log/messages via a PHP script that invokes /usr/bin/logger; (4) allows local users to inject arbitrary web script or HTML into /var/log/messages by invoking /usr/bin/logger at the command line; and allows remote attackers to inject arbitrary web script or HTML via remote requests logged in the (5) /var/log/exim/rejectlog, (6) /var/log/exim/mainlog, (7) /var/log/proftpd/auth.log, (8) /var/log/httpd/error_log, (9) /var/log/httpd/access_log, (10) /var/log/directadmin/error.log, and (11) /var/log/directadmin/security.log files.)
 CVE-2007-1852 (** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in 2BGal 3.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the lang_filename parameter to (1) index.php or (2) backupdb.inc.php in admin/, or other unspecified files, different vectors than CVE-2006-5505. NOTE: this issue has been disputed by CVE, since the lang_filename variable is defined before it is used.)
 CVE-2007-1843 (PHP remote file inclusion vulnerability in gmapfactory/params.php in MapLab 2.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gszAppPath parameter.)
 CVE-2007-1840 (lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not escape HTML special characters in LDAP data, which allows remote attackers to have an unknown impact, probably cross-site scripting (XSS).)
 CVE-2006-7191 (Untrusted search path vulnerability in lamdaemon.pl in LDAP Account Manager (LAM) before 1.0.0 allows local users to gain privileges via a modified PATH that points to a malicious rm program.)
Оригинальный текстdocumentSecurityAudit_(at)_majorsecurity.de, [MajorSecurity Advisory #37]HolaCMS - Cross Site Scripting Issue (03.04.2007)
 documentmufti.rizal_(at)_gmail.com, Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability (03.04.2007)
 documentKanedaaa Bohater, DirectAdmin persistant XSS [takeover an Administrator`s account] (03.04.2007)
 documentBorN To K!LL BorN To K!LL, 2BGal 3.1.1 <= (admin/index.php) Remote File Include Vulnerability (03.04.2007)
Файлы:MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород