Family: CGI abuses --> Category: destructive_attack
UBB.threads doeditconfig Command Injection Vulnerability Scan
Vulnerability Scan Summary Tries to exploit a command injection flaw in UBB.threads
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP script that allows injection of
arbitrary PHP commands.
Description :
The version of UBB.threads installed on the remote host fails to
sanitize input to the 'thispath' and 'config' parameters of the
'admin/doeditconfig.php' script before using them to update the
application's configuration file. Provided PHP's 'register_globals'
setting is enabled, an unauthenticated attacker may be able to exploit
this flaw to modify configuration settings for the affected
application and even inject arbitrary PHP code that is executed
whenever the config file is loaded.
See also :
http://milw0rm.com/exploits/2457
http://www.nessus.org/u?5b90f99d
http://www.nessus.org/u?0666a806
http://www.nessus.org/u?324c0824
Solution :
Either disable PHP's 'register_globals' setting or upgrade to UBB.threads
6.5.5 or later.
Threat Level:
High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)