| VID | 21457 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | The ZeroBoard software is vulnerable to a remote PHP include vulnerability in the 'dir' parameter of the 'error.php' script. ZeroBoard is a freely available, open source PHP-based bulletin board software that is widely used in Korea. ZeroBoard versions 4.1pl5 and earlier could allow a remote attacker to execute arbitrary commands on the affected host when both the 'allow_url_fopen' and 'register_globals' directives are enabled, caused by a design flaw in the error.php script. By specifying a malicious include file in the "dir" parameter of the "error.php" script, a remote attacker could execute arbitrary code on the system with the privileges of the Web server.
* References: http://www.optik4lab.com/modules/news/article.php?storyid=13
* Platforms Affected: ZeroBoard versions 4.1pl5 and earlier; any operating system; any version |
| Recommendation | No upgrade or patch available as of January 2005.
Upgrade to the new version of ZeroBoard (4.1pl6 or later) when a version that fixes this problem becomes available from the ZeroBoard Web site at http://www.nzeo.com/
-- OR --
As a workaround for this and similar issues, disable the 'allow_url_fopen' and 'register_globals' directives in the local site PHP configuration. |
| Related URL | CVE-2005-0379, CVE-2005-0380 (CVE) |
| Related URL | 12206 (SecurityFocus) |
| Related URL | 18891, 18892 (ISS) |