CMS Contenido Multiple Script contenido_path Variable Remote File Inclusion

2006-10-13T02:22:46
ID OSVDB:30919
Type osvdb
Reporter OSVDB
Modified 2006-10-13T02:22:46

Description

Vulnerability Description

CMS Contenido has been reported to contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is supposedly due to the dbfs.php and front_content.php scripts not properly sanitizing user input supplied to the 'contenido_path' variable. However, subsequent examination indicates that the variables are set prior to an attacker supplying input to them.

Solution Description

The vulnerability reported is incorrect. No solution required.

Manual Testing Notes

http://[target]/cms/dbfs.php?contenido_path=[shell]?
http://[target]/cms/front_content.php?contenido_path=[shell]?

References:

Vendor URL: http://www.contenido.org/
Mail List Post: http://www.attrition.org/pipermail/vim/2006-October/001084.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0191.html
ISS X-Force ID: 29549
CVE-2006-5380