Advanced Poll popup.php include_path Variable Remote File Inclusion

2003-10-25T09:13:47
ID OSVDB:25171
Type osvdb
Reporter Frog Man (leseulfrog@hotmail.com)
Modified 2003-10-25T09:13:47

Description

Vulnerability Description

Advanced Poll contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to popup.php not properly sanitizing user input supplied to the 'include_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
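
One way to look for this in web server logs, as an added example that is not part of the OSVDB entry or of Advanced Poll itself: it flags requests to popup.php whose query string supplies include_path, and marks values that point at a remote host. The log lines, hosts, the `id` parameter and the helper names are constructed, and it assumes Apache-style access logs with the parameter passed in the query string.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample access-log lines; addresses, hosts and paths are made up.
SAMPLE_LOG = """\
192.0.2.10 - - [25/Oct/2003:09:10:01 +0000] "GET /poll/popup.php?id=3 HTTP/1.0" 200 2310
192.0.2.44 - - [25/Oct/2003:09:12:40 +0000] "GET /poll/popup.php?include_path=http://files.example.net/ HTTP/1.0" 200 512
192.0.2.44 - - [25/Oct/2003:09:12:55 +0000] "GET /poll/popup.php?include_path=%2568ttp%253A%252F%252Ffiles.example.net%252F HTTP/1.0" 200 498
192.0.2.77 - - [25/Oct/2003:09:13:02 +0000] "GET /poll/popup.php?include_path=./include/ HTTP/1.0" 200 120
192.0.2.12 - - [25/Oct/2003:09:14:00 +0000] "GET /index.php?include_path=http://files.example.net/ HTTP/1.0" 404 0
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# scheme://host, //host or \\host: the value names another machine.
REMOTE_RE = re.compile(r'^\s*(?:(?:[a-z][a-z0-9+.-]*:)?//|\\\\)', re.I)


def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding so nested encodings are not missed."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def scan(log_text, script="popup.php", param="include_path"):
    """Return (line number, client, kind, decoded value) per suspicious request."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, target = match.groups()
        url = urlsplit(target)
        if not url.path.lower().endswith("/" + script):
            continue
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if fully_decode(name) != param:
                continue
            value = fully_decode(value)
            kind = "remote-url" if REMOTE_RE.match(value) else "client-supplied"
            findings.append((lineno, client, kind, value))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(*finding, sep="\t")
```

Values sent in a POST body do not appear in access logs, so this covers query-string requests only.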

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

References:

Vendor URL: http://www.proxy2.de/scripts.php
Secunia Advisory ID: 10068
Related OSVDB ID: 2743
Related OSVDB ID: 3292
Related OSVDB ID: 3291
Related OSVDB ID: 25169
Related OSVDB ID: 25170
Related OSVDB ID: 25173
Related OSVDB ID: 25172
Other Advisory URL: http://packetstormsecurity.nl/0310-exploits/php.advanced.poll.txt
Other Advisory URL: http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0019.html
Other Advisory URL: http://www.phpsecure.info/v2/tutos/frog/AdvancedPoll2.0.2.txt
Nessus Plugin ID: 11487
ISS X-Force ID: 13514
CVE-2003-1179
Bugtraq ID: 8890