Search...

boastMachine vote.php bmc_dir Variable Remote File Inclusion

2006-06-13T16:31:54

ID OSVDB:27674
Type osvdb
Reporter SpC-x(spc-x@bsdmail.org)
Modified 2006-06-13T16:31:54

Description

Vulnerability Description

boastMachine has been reported to contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is supposedly due to the vote.php script not properly sanitizing user input supplied to the 'bmc_dir' variable. However, subsequent evaluation indicates the variable is set to a static value in the config.php script and can not be manipulated by an attacker.

Solution Description

The vulnerability reported is incorrect. No solution required.

Short Description

Manual Testing Notes

http://[target]/boastMachine/vote.php?bmc_dir=Command-Shell

References:

Vendor URL: http://boastology.com/ Other Advisory URL: http://www.security.nnov.ru/Ndocument122.html Other Advisory URL: http://www.root-security.org/danger/boastMachine.txt Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-06/0242.html Mail List Post: http://attrition.org/pipermail/vim/2006-June/000855.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-06/0388.html Bugtraq ID: 18415

JSON Vulners Source

Initial Source

{"enchantments": {"score": {"value": 0.9, "vector": "NONE", "modified": "2017-04-28T13:20:24", "rev": 2}, "dependencies": {"references": [], "modified": "2017-04-28T13:20:24", "rev": 2}, "vulnersScore": 0.9}, "bulletinFamily": "software", "affectedSoftware": [{"name": "BoastMachine", "operator": "eq", "version": "3.1"}], "references": [], "href": "https://vulners.com/osvdb/OSVDB:27674", "id": "OSVDB:27674", "title": "boastMachine vote.php bmc_dir Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 0.0, "vector": "NONE"}, "lastseen": "2017-04-28T13:20:24", "edition": 1, "reporter": "SpC-x(spc-x@bsdmail.org)", "description": "## Vulnerability Description\nboastMachine has been reported to contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is supposedly due to the vote.php script not properly sanitizing user input supplied to the 'bmc_dir' variable. However, subsequent evaluation indicates the variable is set to a static value in the config.php script and can not be manipulated by an attacker.\n## Solution Description\nThe vulnerability reported is incorrect. No solution required.\n## Short Description\nboastMachine has been reported to contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is supposedly due to the vote.php script not properly sanitizing user input supplied to the 'bmc_dir' variable. However, subsequent evaluation indicates the variable is set to a static value in the config.php script and can not be manipulated by an attacker.\n## Manual Testing Notes\nhttp://[target]/boastMachine/vote.php?bmc_dir=Command-Shell\n## References:\nVendor URL: http://boastology.com/\nOther Advisory URL: http://www.security.nnov.ru/Ndocument122.html\nOther Advisory URL: http://www.root-security.org/danger/boastMachine.txt\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-06/0242.html\nMail List Post: http://attrition.org/pipermail/vim/2006-June/000855.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-06/0388.html\nBugtraq ID: 18415\n", "modified": "2006-06-13T16:31:54", "viewCount": 0, "published": "2006-06-13T16:31:54", "cvelist": []}