Fantastic News archive.php CONFIG[script_path] Variable Remote File Inclusion

2006-09-08T03:49:05
ID OSVDB:28599
Type osvdb
Reporter Core Security Germany
Modified 2006-09-08T03:49:05

Description

Vulnerability Description

Fantastic News version 2.1.4 is vulnerable to a remote file inclusion attack. If successful, an attacker could control the vulnerable server remotely, compromising the confidentiality, availability, and integrity of the target server's data.

Technical Description

This vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).

Solution Description

Ensure that the variables are declared before including them into PHP scripts. This can be accomplished with the declare function.
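
The following is an added example, not part of the original advisory and not Fantastic News code: a heuristic Python audit that flags PHP include/require statements whose path is built from a variable with no earlier assignment in the same file, which is the condition that register_globals makes exploitable. The two PHP samples are constructed for illustration; only the CONFIG[script_path] name comes from the advisory, and the function and file layout are assumptions.

```python
import re

# include/require statement; captures the path expression up to the ';'.
INCLUDE_RE = re.compile(r'\b(?:include|require)(?:_once)?\b\s*\(?([^;]+);', re.I)
# A variable reference such as $CONFIG (any array index is ignored).
VAR_RE = re.compile(r'\$([A-Za-z_]\w*)')
# Plain assignment to a variable or array element; skips '==' and '=>'.
ASSIGN_RE = re.compile(r'\$([A-Za-z_]\w*)\s*(?:\[[^\]]*\]\s*)*=(?![=>])')


def unset_include_vars(php_source):
    """Return [(line_number, variable)] for include paths built from
    variables that have no earlier assignment in the same file.
    Line-based heuristic: ignores function scope and multi-line statements."""
    assigned, findings = set(), []
    for lineno, line in enumerate(php_source.splitlines(), 1):
        m = INCLUDE_RE.search(line)
        if m:
            for name in VAR_RE.findall(m.group(1)):
                if name not in assigned:
                    findings.append((lineno, name))
        # Record assignments after the check so same-line use still counts.
        assigned.update(ASSIGN_RE.findall(line))
    return findings


# Constructed sample: path variable is never set in this file, so with
# register_globals on its value can come from the request.
VULNERABLE = """<?php
// constructed sample
include $CONFIG['script_path'] . "/lib/functions.php";
"""

# Constructed sample: the variable is initialised before it is used.
HARDENED = """<?php
$CONFIG = array();
$CONFIG['script_path'] = dirname(__FILE__);
include $CONFIG['script_path'] . "/lib/functions.php";
"""

if __name__ == "__main__":
    for label, src in (("vulnerable", VULNERABLE), ("hardened", HARDENED)):
        print(label, unset_include_vars(src))
```

A finding means the file relies on another script or on PHP configuration to set the variable, so each one needs manual review before it is treated as exploitable.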

References:

Vendor URL: http://fscripts.com/
Secunia Advisory ID: 21807
Other Advisory URL: http://sx02.coresec.de/advisories/152.txt
FrSIRT Advisory: ADV-2006-0826
FrSIRT Advisory: ADV-2006-3513
CVE-2006-1154
Bugtraq ID: 16985