VID 21617
Severity 40
Port 80, ...
Protocol TCP
Class CGI
Detailed Description The PostNuke software is affected by multiple vulnerabilities (2) in multiple scripts. PostNuke, developed by Francisco Burzi, is a freely available, open source PHP-based content management system (CMS). PostNuke versions 0.760-RC4a and earlier are affected by the following vulnerabilities:

1) Multiple Remote Code Injection Vulnerabilities: A remote attacker could exploit these vulnerabilities to read arbitrary files on the affected host, or to inject arbitrary PHP code.
2) Multiple SQL Injection Vulnerabilities: A remote attacker could exploit these vulnerabilities to add, modify or delete user information in the database used by PostNuke.
3) Multiple Cross-Site Scripting Vulnerabilities: A remote attacker could exploit these vulnerabilities to facilitate the theft of cookie-based authentication credentials as well as other attacks.
4) Multiple Path Disclosure Vulnerabilities: A remote attacker could send a specially-crafted HTTP request to multiple scripts which would cause the server to return an error message containing the full installation path of PostNuke.

* References:
http://archives.neohapsis.com/archives/bugtraq/2005-05/0254.html
http://archives.neohapsis.com/archives/bugtraq/2005-05/0255.html
http://archives.neohapsis.com/archives/bugtraq/2005-05/0256.html
http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0364.html

* Platforms Affected:
Francisco Burzi, PostNuke versions 0.760-RC4a and earlier
Any operating system Any version
Recommendation For PostNuke 0.750:
Apply the fixes for these vulnerabilities, as listed in the PostNuke Security Advisory PNSA 2005-2 page at http://news.postnuke.com/Article2691.html

For PostNuke 0.760:
Upgrade to the latest version of PostNuke (0.760-RC4b or later), available from the PostNuke Download Web page at http://news.postnuke.com/Downloads-index-req-viewdownload-cid-14.html
Related URL CVE-2005-1621,CVE-2005-1694,CVE-2005-1695,CVE-2005-1696,CVE-2005-1697,CVE-2005-1698,CVE-2005-1699,CVE-2005-1700,CVE-2005-1777,CVE-2005-1778 (CVE)
Related URL 13706,13789 (SecurityFocus)
Related URL 20600,20694,20695,20696,20697,20699,20702 (ISS)