| VID | 21871 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description |
PostNuke is vulnerable to remote file inclusion in the PNphpBB2 module. PostNuke, developed by Francisco Burzi, is a freely available, open source PHP-based content management system (CMS). Various versions of PostNuke that include PNphpBB2 module versions prior to 1.2h rc3 could allow a remote attacker to include malicious PHP files, because user-supplied input passed to the 'phpbb_root_path' parameter of the 'includes/functions_admin.php' script is not properly validated. If PHP's 'register_globals' setting is enabled, a remote attacker can send a specially crafted URL request to execute arbitrary PHP code and operating system commands on the affected host.
* References: http://forums.postnuke.com/index.php?name=PNphpBB2&file=viewtopic&t=41948
* Platforms Affected: Francisco Burzi, PostNuke PNphpBB2 module versions prior to 1.2h rc3; any operating system, any version |
| Recommendation |
Upgrade to the latest version of PNphpBB2 (1.2h rc3 or later), available from the PNphpBB2 Web site at http://www.pnphpbb.com/index.php?name=PNphpBB2&file=viewtopic&t=5606 |
| Related URL | (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | (ISS) |