PeopleAggregatory security advisory - re CVE-2007-5631

Type securityvulns
Reporter Securityvulns
Modified 2007-11-12T00:00:00


Hi all,

This is a notification that the remote file inclusion vulnerabilities reported in CVE-2007-5631 have been fixed in PeopleAggregator v1.2pre6-release-55, and are not exploitable if PHP's register_globals directive is disabled.

CVE entry:

Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator 1.2pre6 allow remote attackers to execute arbitrary PHP code via a URL in the current_blockmodule_path parameter to (1) AudiosMediaGalleryModule/AudiosMediaGalleryModule.php, (2) ImagesMediaGalleryModule/ImagesMediaGalleryModule.php, (3) MembersFacewallModule/MembersFacewallModule.php, (4) NewestGroupsModule/NewestGroupsModule.php, (5) UploadMediaModule/UploadMediaModule.php, and (6) VideosMediaGalleryModule/VideosMediaGalleryModule.php in BetaBlockModules/; and (7) the path_prefix parameter to several components.

Notes from vendor: To be exploitable, the web server must be configured with PHP's register_globals directive ON. To fix a vulnerable installation, either turn register_globals OFF in php.ini or via the php_flag Apache option, or upgrade to v1.2pre6-release-55.

Advisory blog post:

Upgrade instructions:

  • If installed via Subversion, 'svn update' in the root of your PeopleAggregator install.

  • If installed via tarball, download the latest tarball from 55.tar.gz and copy all files over those from your existing installation.

Regards, Phillip Pearson Broadband Mechanics