| VID |
21458 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
PHP-Calendar is a Web-based calendar implemented in PHP. PHP-Calendar versions 0.10.0 and earlier are vulnerable to a remote file inclusion vulnerability in the 'phpc_root_path' parameter of the 'calendar.php' and 'setup.php' scripts. The value of 'phpc_root_path' is used to build the path of a file that the scripts include. When the 'register_globals' directive is enabled, a remote attacker can set that variable from the request, and when 'allow_url_fopen' is also enabled, PHP will fetch the included file from a URL the attacker controls and execute it. By specifying a malicious include file in the 'phpc_root_path' parameter of the 'calendar.php' or 'setup.php' script, a remote attacker could therefore execute arbitrary code on the system with the privileges of the Web server. Both directives must be enabled for the remote attack to succeed.
* References: http://packetstormsecurity.nl/0412-exploits/phpcalendar.txt http://www.gulftech.org/?node=research&article_id=00060-12292004
* Platforms Affected: PHP-Calendar versions 0.10.0 and earlier, any operating system, any version |
| Recommendation |
No upgrade or patch available as of January 2005.
Upgrade to a version of PHP-Calendar that fixes this problem when one becomes available from the PHP-Calendar Web page at http://php-calendar.sourceforge.net/
-- OR --
As a workaround, add the following line to the top of the affected pages. Note that this guard only works when the affected scripts are library files pulled in by an entry script that defines 'IN_PHPC' before including them; if nothing defines the constant, every request to the application will die.
if ( !defined('IN_PHPC') ) { die("Hacking attempt"); }
-- OR --
As another workaround for this and similar issues, disable the 'allow_url_fopen' and 'register_globals' directives in the local site PHP configuration. Disabling 'register_globals' is what removes the attacker's control over 'phpc_root_path'; disabling 'allow_url_fopen' alone only stops PHP from fetching the include file from a URL and still leaves inclusion of local files possible. |
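The following is an added example and is not PHP-Calendar's own code; it illustrates the inclusion pattern described in the Detailed Description and the 'IN_PHPC' guard from the Recommendation. The variable name $phpc_root_path, the constant IN_PHPC and the script names come from this entry; the file layout (an entry script including includes/calendar.php), the constant PHPC_ROOT_PATH and the function names phpc_directive_enabled() and phpc_safe_include() are assumptions made for illustration.

```php
<?php
// Added example, not PHP-Calendar's own code. The file layout and all
// function names below are assumptions made for illustration.

// --- Vulnerable shape described in the advisory (kept as a comment) ---------
// With register_globals=On, a request carrying a phpc_root_path parameter
// creates $phpc_root_path before this code runs; with allow_url_fopen=On the
// include() then fetches and executes the remote file as the Web server user.
//
//   include($phpc_root_path . 'includes/calendar.php');

// --- Hardened entry script ---------------------------------------------------

// A constant cannot be overwritten by register_globals, and deriving the root
// from the script's own location means it never comes from request input.
define('IN_PHPC', true);
define('PHPC_ROOT_PATH', dirname(__FILE__) . DIRECTORY_SEPARATOR);

// Report whether a boolean php.ini directive is enabled. ini_get() returns
// false for a directive PHP does not know (register_globals was removed in
// PHP 5.4) and '' / '0' / 'off' for one that is disabled.
function phpc_directive_enabled($name)
{
    $value = ini_get($name);
    if ($value === false) {
        return false;
    }
    return in_array(strtolower(trim((string) $value)), array('1', 'on', 'yes', 'true'), true);
}

// Resolve a path relative to the application root and include it only if it
// really lives under that root. realpath() collapses '..' and symlinks and
// returns false for URLs, stream wrappers and files that do not exist.
function phpc_safe_include($relative)
{
    $root = realpath(PHPC_ROOT_PATH);
    $path = realpath(PHPC_ROOT_PATH . $relative);
    if ($root === false || $path === false
        || strpos($path, $root . DIRECTORY_SEPARATOR) !== 0) {
        die('Refusing to include a file outside the application root.');
    }
    include $path;
}

// Belt and braces: make the dangerous configuration visible to the
// administrator instead of silently relying on the code above.
if (phpc_directive_enabled('register_globals')) {
    die('Disable register_globals in php.ini before running PHP-Calendar.');
}
if (phpc_directive_enabled('allow_url_fopen')) {
    trigger_error('allow_url_fopen is enabled; any attacker-controlled include path '
        . 'would allow remote code to be fetched and executed', E_USER_WARNING);
}

phpc_safe_include('includes/calendar.php');

// --- Top of every included file (e.g. includes/calendar.php) ----------------
// The guard from the recommendation: a direct request to the included file
// dies before any code that trusts $phpc_root_path runs, because only the
// entry script defines IN_PHPC.
//
//   if (!defined('IN_PHPC')) { die('Hacking attempt'); }
```

The two fixes are independent: the constant-based root path closes the 'phpc_root_path' vector even on a host where register_globals is still on, while the IN_PHPC guard stops the included files from being reached directly, which is what the workaround in the Recommendation relies on.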
| Related URL |
CVE-2004-1423 (CVE) |
| Related URL |
12127 (SecurityFocus) |
| Related URL |
18710 (ISS) |
|