VID | 21861
Severity | 40
Port | 80, ...
Protocol | TCP
Class | CGI

Detailed Description |
The Limbo CMS program is affected by an arbitrary command-execution vulnerability via the 'Itemid' parameter. Limbo CMS is a content-management system (CMS) written in PHP. Limbo CMS version 1.0.4.2 and earlier versions could allow a remote attacker to execute arbitrary PHP code, caused by improper validation of user-supplied input passed to the 'Itemid' parameter of the 'index.php' script. A remote attacker can send a specially crafted URL request to execute arbitrary PHP code and operating system commands on the affected host.
* References:
  - http://www.securityfocus.com/archive/1/426428/30/0/threaded
  - http://securityreason.com/exploitalert/374
  - http://secwatch.org/exploits/2006/03/LimboCMS.pl.info
* Platforms Affected: Limbo CMS version 1.0.4.2 and earlier versions; any operating system, any version

Recommendation |
No upgrade or patch available as of March 2006.
Upgrade to the latest version of Limbo CMS (1.0.5 or later) when a fixed version becomes available from the Limbo CMS Web site at http://www.limbo-cms.com/

Related URL | CVE-2005-4317 (CVE)
Related URL | 16902 (SecurityFocus)
Related URL | 23606 (ISS)