Les Commentaires fonctions.lib.php Remote File Inclusion

2004-02-03T09:27:27
ID OSVDB:3797
Type osvdb
Reporter Himeur Nourredine (lostnoobs@security-challenge.com)
Modified 2004-02-03T09:27:27

Description

Vulnerability Description

Les Commentaires contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to fonctions.lib.php not properly sanitizing user input supplied to the 'rep' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

Solution Description

Upgrade to version Les Commentaires 2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
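The flaw described above is a classic PHP file-inclusion pattern. The following is an added illustration, not code from Les Commentaires itself: a hypothetical fragment that passes the request parameter 'rep' straight into include(), beside a hardened version that treats 'rep' as a key into a fixed allow-list and verifies the resolved path stays under a fixed directory. The function names, directory layout and allowed values are assumptions.

```php
<?php
// Added example, not the project's code. Names and directory layout are assumed.

// Vulnerable pattern (as described in the advisory): the request parameter
// 'rep' reaches include() unchecked. With allow_url_fopen enabled (and, on
// PHP >= 5.2, allow_url_include), a URL placed in 'rep' is fetched and the
// fetched code runs inside the script; with remote fetching disabled, local
// path traversal through 'rep' remains possible.
function load_template_unsafe(array $request): void
{
    $rep = $request['rep'];                 // meant to be a directory name chosen at install time
    include $rep . '/commentaires.php';      // the caller controls the start of the path
}

// Hardened version: 'rep' is only ever a key into an allow-list, never a path.
// realpath() then confirms the resolved file really lives under TEMPLATE_BASE,
// which also rejects '..' and URL schemes should the allow-list ever grow.
const TEMPLATE_BASE = __DIR__ . '/templates';
const ALLOWED_REPS  = ['defaut', 'sombre', 'clair'];   // constructed sample values

function resolve_template(string $rep): ?string
{
    if (!in_array($rep, ALLOWED_REPS, true)) {
        return null;                         // unknown value: refuse rather than guess
    }
    $base = realpath(TEMPLATE_BASE);
    $path = realpath(TEMPLATE_BASE . '/' . $rep . '/commentaires.php');
    if ($base === false || $path === false) {
        return null;                         // directory or file does not exist
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;                         // resolved outside the base directory
    }
    return $path;
}

function load_template_safe(array $request): void
{
    $rep  = (isset($request['rep']) && is_string($request['rep'])) ? $request['rep'] : 'defaut';
    $path = resolve_template($rep);
    if ($path === null) {
        http_response_code(400);
        exit('template invalide');
    }
    include $path;
}
```

Disabling remote includes in php.ini (allow_url_fopen, and allow_url_include where available) is defence in depth, not a substitute for the allow-list: it does nothing against local traversal through the same parameter.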

Short Description

Les Commentaires contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to fonctions.lib.php not properly sanitizing user input supplied to the 'rep' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

References:

Vendor Specific Solution URL: http://www.phpscripts-fr.net/scripts/download.php?id=321
Secunia Advisory ID: 10768
Related OSVDB ID: 15990
Related OSVDB ID: 15991
ISS X-Force ID: 15010
CVE: CVE-2004-0246
Bugtraq ID: 9536