what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Secunia Security Advisory 31127

Secunia Security Advisory 31127
Posted Jul 18, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - inphex has discovered a vulnerability in PHPizabi, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | ef0399f822c24cc3a40d0dceb7ba10a3894b8be64a91bb3ad85d3e7da05cd96c

Secunia Security Advisory 31127

Change Mirror Download
----------------------------------------------------------------------

Want a new job?

http://secunia.com/secunia_security_specialist/
http://secunia.com/hardcore_disassembler_and_reverse_engineer/

International Partner Manager - Project Sales in the IT-Security
Industry:
http://corporate.secunia.com/about_secunia/64/

----------------------------------------------------------------------

TITLE:
PHPizabi "writeLogEntry()" Arbitrary PHP Code Execution

SECUNIA ADVISORY ID:
SA31127

VERIFY ADVISORY:
http://secunia.com/advisories/31127/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
>From remote

SOFTWARE:
PHPizabi 0.x
http://secunia.com/product/19331/

DESCRIPTION:
inphex has discovered a vulnerability in PHPizabi, which can be
exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an error within the
"writeLogEntry()" function in system/v_cron_proc.php. This can be
exploited to write arbitrary data to arbitrary files via the
CONF[CRON_LOGFILE] and CONF[LOCALE_LONG_DATE_TIME] parameters.

Successful exploitation allows execution of arbitrary PHP code, but
requires that "register_globals" is enabled.

The vulnerability is confirmed in version 0.848b C1 HFP3 SF1. Other
versions may also be affected.

SOLUTION:
Set "register_globals" to Off.

Restrict access to the the system/v_cron_proc.php script (e.g. via
".htaccess").

PROVIDED AND/OR DISCOVERED BY:
inphex

ORIGINAL ADVISORY:
http://milw0rm.com/exploits/6085

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Login or Register to add favorites

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close