phpLDAPadmin 0.9.6 - 0.9.7/alpha5 (possibly prior versions) system disclosure, Aug 29 2005 09:35PM
retrogod aliceposta it
phpLDAPadmin 0.9.6 - 0.9.7/alpha5 (possibly prior versions) system disclosure,
remote code execution, cross site scripting

author site: http://phpldapadmin.sourceforge.net/
description: phpLDAPadmin is a web-based LDAP client. It provides easy,
anywhere-accessible, multi-language administration for your LDAP server

if unpatched and vulnerable, a user can see any file on target system, poc:


a user can also execute arbitrary php code and system commands:


where cmd.gif is a file like this:

<?php system('[some_command]); ?>

also a user can craft a malicious url to include malicious client side code that
will be executed in the security contest of the victim browser

googledork: phpLDAPadmin intitle:phpLDAPadmin filetype:php inurl:tree.php | inurl:login.php | inurl:donate.php

site: http://rgod.altervista.org
email: retrogod at aliceposta.it

original advisory: http://www.rgod.altervista.org/phpldap.html

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus