VID |
21789 |
Severity |
40 |
Port |
80, ... |
Protocol |
TCP |
Class |
CGI |
Detailed Description |
GuppY is a CMS (Content Management System) written in PHP that does not require a database to run. Versions prior to 4.5.10 are affected by multiple remote vulnerabilities. A remote command execution vulnerability could allow a remote attacker to execute arbitrary commands on the system with the privileges of the Web server via the _SERVER[REMOTE_ADDR] parameter to error.php. In addition, multiple directory traversal vulnerabilities could allow a remote attacker to send a specially crafted URL request containing dot-dot-slash (../) character sequences to read arbitrary files outside of the document root with System level privileges via the meskin parameter to admin/editorTypetool.php, or the lng parameter to admin/inc or archbatch.php or dbbatch.php or nwlmail.php.
* References:
  http://rgod.altervista.org/guppy459_xpl.html
  http://www.securityfocus.com/archive/1/417899
  http://www.frsirt.com/english/advisories/2005/2635
  http://securitytracker.com/id?1015279
  http://secunia.com/advisories/17790
  http://archives.neohapsis.com/archives/bugtraq/2005-11/0324.html
* Platforms Affected: GuppY versions 4.5.9 and earlier; Any operating system, Any version |
Recommendation |
Upgrade to the latest version of GuppY (4.5.10 or later), available from the GuppY Web site at http://www.freeguppy.org/fgy5dn.php?lng=en&tconfig=0 |
Related URL |
CVE-2005-3926,CVE-2005-3927 (CVE) |
Related URL |
15609,15610 (SecurityFocus) |
Related URL |
23318,23319 (ISS) |
|