| Field | Value |
|---|---|
| VID | 21544 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | Mambo Open Source is vulnerable to a PHP remote code injection vulnerability in the Tar.php script. Mambo Open Source (formerly Mambo Site Server) is an Internet portal and content management software package. Mambo Open Source versions 4.5.2 and earlier could allow a remote attacker to include malicious PHP files hosted on a third-party server, because user-supplied input passed through the mosConfig_absolute_path parameter of the 'Tar.php' script is not properly filtered. If the PHP configuration has register_globals set to 'on', a remote attacker could supply a specially crafted URL to include and execute arbitrary PHP code on the affected system with the privileges of the Web service. |
| References | http://www.securitytracker.com/alerts/2005/Feb/1013250.html ; http://www.osvdb.org/displayvuln.php?osvdb_id=14021 ; http://help.mamboserver.com/index.php?option=com_content&task=view&id=426&Itemid=88 |
| Platforms Affected | Miro Construct Pty Ltd., Mambo Open Source 4.5.2 and earlier; any operating system; any version |
| Recommendation | Upgrade to the latest version of Mambo Open Source (4.5.2.1 or later), available from the MamboForge Web site at http://sourceforge.net/projects/mambo/ |
| Related URL | CVE-2005-0512 (CVE) |
| Related URL | 12608 (SecurityFocus) |
| Related URL | 19429 (ISS) |