Geeklog lib-common.php Local File Inclusion

2006-02-19T03:32:39
ID OSVDB:23349
Type osvdb
Reporter James Bercegay(security@gulftech.org)
Modified 2006-02-19T03:32:39

Description

Vulnerability Description

Geeklog contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to lib-common.php not properly sanitizing user input supplied to the 'language' variable. This may allow an attacker to read arbitrary local files or include local files which contain arbitrary commands which will be executed by the vulnerable script.

Solution Description

Upgrade Geeklog to version 1.4.0sr1 or 1.3.11sr4 or higher, as it has been reported to fix this vulnerability. Media Gallery users can upgrade to 1.2.4. An upgrade is required as there are no known workarounds.

Short Description

Geeklog contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to lib-common.php not properly sanitizing user input supplied to the 'language' variable. This may allow an attacker to read arbitrary local files or include local files which contain arbitrary commands which will be executed by the vulnerable script.

References:

Vendor URL: http://www.geeklog.net/ Vendor Specific News/Changelog Entry: http://www.mediagallery.org/article.php?story=20060219232313492 Vendor Specific News/Changelog Entry: http://www.geeklog.net/article.php/geeklog-1.4.0sr1 Secunia Advisory ID:18920 Secunia Advisory ID:18982 Related OSVDB ID: 23348 Other Advisory URL: http://www.gulftech.org/?node=research&article_id=00102-02192006 Nessus Plugin ID:20959 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-02/0345.html ISS X-Force ID: 24776 FrSIRT Advisory: ADV-2006-0661 CVE-2006-0824 Bugtraq ID: 16755