Due to improper control of the filename for a require_once() statement in the routing component, a limited local file inclusion vulnerability exists in all ownCloud versions listed below.
Depending on the ownCloud configuration and the authentication state of a remote attacker, this vulnerability may have a different impact. Specifically:
/data/ directory is below the ownCloud root. The directory can be moved using the datadirectory configuration in config/config.php.
ownCloud Inc. is currently not aware of any active attacks exploiting this vulnerability. To verify whether your installation might have been attacked, you can use the following regular expression: index.php\/[^ /]+\/[^ /]+\/[\.]+\/[\.]+\/ (e.g. cat /var/log/apache2/access_log | grep -i -E 'index.php\/[^ /]+\/[^ /]+\/[\.]+\/[\.]+\/*')
Please contact [email protected] if you have proof that you’ve been attacked using this vulnerability.
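The log check above can also be run as a small triage script that groups matching requests by client and keeps the timestamp and response status of each hit. This is an added example, not code from ownCloud or the advisory; it assumes the Apache common/combined log format, uses constructed sample lines, and additionally tests the percent-decoded request path, which is broader than the advisory's grep command.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Regular expression exactly as given in the advisory (grep -i => IGNORECASE).
ADVISORY_RE = re.compile(r"index.php\/[^ /]+\/[^ /]+\/[\.]+\/[\.]+\/", re.IGNORECASE)

# Assumed Apache common/combined layout: host ident user [time] "request" status ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"\S+ (?P<target>\S+)[^"]*" (?P<status>\d{3}) ')

# Constructed sample lines (documentation IP ranges, placeholder paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/May/2014:10:00:01 +0000] "GET /index.php/apps/files/ HTTP/1.1" 200 5120',
    '198.51.100.7 - - [10/May/2014:10:02:13 +0000] "GET /index.php/x/y/../../PLACEHOLDER HTTP/1.1" 200 312',
    '198.51.100.7 - - [10/May/2014:10:02:20 +0000] "GET /index.php/x/y/%2e%2e/%2e%2e/PLACEHOLDER HTTP/1.1" 404 210',
    '203.0.113.5 - - [10/May/2014:10:05:44 +0000] "GET /status.php HTTP/1.1" 200 120',
]

def find_hits(lines):
    """Return {client: [(time, status, target, how), ...]} for matching requests."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line in the assumed format
        target = m.group("target")
        if ADVISORY_RE.search(target):
            how = "literal"            # same result as the advisory's grep
        elif ADVISORY_RE.search(unquote(target)):
            how = "percent-decoded"    # added check, not part of the advisory
        else:
            continue
        hits[m.group("host")].append(
            (m.group("time"), int(m.group("status")), target, how))
    return dict(hits)

if __name__ == "__main__":
    for client, rows in find_hits(SAMPLE_LOG).items():
        print(f"{client}: {len(rows)} matching request(s)")
        for when, status, target, how in rows:
            print(f"  [{when}] status={status} match={how} {target}")
```
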
For more information please consult the official advisory.
This advisory is licensed CC BY-SA 4.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| | owncloud server | lt | 6.0.4 |
| | owncloud server | lt | 5.0.17 |