| VID |
21489 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The phpWebSite, according to its version number, has a PHP file upload vulnerability in the Announce module. phpWebSite provides an open-source based web site content management system (CMS) written in PHP. phpWebSite versions 0.10.0 and earlier are vulnerable to a remote arbitrary PHP file upload vulnerability, caused by a vulnerability in the Announce module. By setting the Image field to reference a PHP file whose name contains a .gif.php extension, a remote attacker can upload PHP scripts disguised as image files. The attacker can exploit this vulnerability to execute arbitrary code on the system.
* Note: This check solely relied on the version number of the remote phpWebSite installed on the web server to assess this vulnerability, so this might be a false positive.
* References:
http://secunia.com/advisories/14399/
http://www.securitytracker.com/alerts/2005/Feb/1013298.html
http://securityfocus.com/archive/1/391496
http://securityfocus.com/archive/1/391537
* Platforms Affected:
Appalachian State University, phpWebSite versions 0.10.0 and earlier
Any Operating system Any version |
| Recommendation |
Upgrade to the latest version of phpWebSite (0.10.0 later) or the latest phpWebSite patch for version 0.10.0 (phpws_files_security_patch.tgz dated February 28, 2005), available from the phpWebSite Web site at http://phpwebsite.appstate.edu/
For Gentoo Linux:
Upgrade to the latest version of phpWebSite (0.10.0-r2 or later), as listed in Gentoo Linux Security Advisory GLSA 200503-04 at http://www.gentoo.org/security/en/glsa/glsa-200503-04.xml
For other distributions:
Contact your vendor for upgrade or patch information. |
| Related URL |
CVE-2005-0565 (CVE) |
| Related URL |
12653 (SecurityFocus) |
| Related URL |
19482 (ISS) |
|
