VID | 21703
Severity | 40
Port | 80, ...
Protocol | TCP
Class | CGI
Detailed Description |
phpLDAPadmin is a Web-based administration tool for managing Lightweight Directory Access Protocol (LDAP) servers. phpLDAPadmin version 0.9.7-alpha5, and possibly earlier versions, is affected by the following input validation vulnerabilities in the welcome.php script:

1) A directory traversal vulnerability: if register_globals is enabled, an attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the security context of the Web server process.

2) A remote file include vulnerability: if register_globals is enabled, an attacker can exploit this vulnerability to execute arbitrary PHP script code in the security context of the Web server process.

3) A cross-site scripting vulnerability: an attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

* References:
  http://secunia.com/advisories/16617/
  http://www.securitytracker.com/alerts/2005/Aug/1014818.html
  http://www.rgod.altervista.org/phpldap.html
  http://www.ciac.org/ciac/bulletins/p-294.shtml

* Platforms Affected: phpLDAPadmin (SourceForge.net) version 0.9.7-alpha5 and earlier versions; any operating system, any version |
Recommendation | Upgrade to the latest version of phpLDAPadmin (0.9.7-alpha6 or later), available from the SourceForge.net Web site at http://sourceforge.net/projects/phpldapadmin
Related URL | CVE-2005-2792, CVE-2005-2793 (CVE)
Related URL | 14695 (SecurityFocus)
Related URL | 22103 (ISS)