| VID |
21495 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The PostNuke software is vulnerable to multiple vulnerabilities in multiple scripts. PostNuke, developed by Francisco Burzi, is a freely available, open source PHP-based content management system (CMS). PostNuke versions 0.760-RC2 and earlier are vulnerable to SQL injection, cross-site scripting vulnerabilities, and path disclosure vulnerability in the pnadmin.php, past.php, admin.php, dl-util.php, dl-search.php and index.php scripts. The SQL injection vulnerabilities could allow a remote attacker to add, modify or delete user information in the database used by PostNuke. The cross-site scripting vulnerabilities could allow a remote attacker to facilitate the theft of cookie-based authentication credentials as well as other attacks.
* References:
http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2669
http://archives.neohapsis.com/archives/bugtraq/2005-02/0471.html
http://archives.neohapsis.com/archives/bugtraq/2005-02/0472.html
http://archives.neohapsis.com/archives/bugtraq/2005-02/0473.html
* Platforms Affected:
Francisco Burzi, PostNuke versions 0.760RC2 and earlier
Any operating system Any version |
| Recommendation |
Either upgrade to version 0.750 and apply the latest security fix package or upgrade to the latest version of PostNuke (0.760 RC3 or later), available from the PostNuke Security Advisory PNSA 2005-1 at http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2669 |
| Related URL |
CVE-2005-0615,CVE-2005-0617 (CVE) |
| Related URL |
12683,12684,12685 (SecurityFocus) |
| Related URL |
19525 (ISS) |
|
