MobilePublisherPHP Multiple Script auth_method Variable Remote File Inclusion

2007-04-14T15:51:56
ID OSVDB:35325
Type osvdb
Reporter the_Edit0r(the_3dit0r@yahoo.com)
Modified 2007-04-14T15:51:56

Description

Vulnerability Description

MobilePublisherPHP has been reported to contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue was allegedly due to multiple scripts not properly sanitizing user input supplied to the 'auth_method' variable. However, subsequent examination indicates the variable is sanitized before being processed.

Solution Description

The vulnerability reported is incorrect. No solution required.

Short Description

MobilePublisherPHP has been reported to contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue was allegedly due to multiple scripts not properly sanitizing user input supplied to the 'auth_method' variable. However, subsequent examination indicates the variable is sanitized before being processed.

Manual Testing Notes

http://[target]/[path]/admin/index.php?auth_method=[Shell-Script]
http://[target]/[path]/admin/list.php?auth_method=[Shell-Script]
http://[target]/[path]/admin/postreview.php?auth_method=[Shell-Script]
http://[target]/[path]/admin/reindex.php?auth_method=[Shell-Script]
http://[target]/[path]/admin/sections.php?auth_method=[Shell-Script]
http://[target]/[path]/admin/templates.php?auth_method=[Shell-Script]
http://[target]/[path]/admin/userinfo.php?auth_method=[Shell-Script]
http://[target]/[path]/admin/users.php?auth_method=[Shell-Script]
http://[target]/[path]/admin/view.php?auth_method=[Shell-Script]

References:

Vendor URL: http://sourceforge.net/projects/mpphp/
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0219.html
Mail List Post: http://attrition.org/pipermail/vim/2007-April/001523.html
CVE-2007-2084