| VID |
21925 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Geeklog application is vulnerable to an arbitrary file upload vulnerability in FCKeditor file manager. Geeklog, also known as Weblog, is a PHP/MySQL based application for managing dynamic web contents. Geeklog version 1.4.0sr3 and earlier versions could allow a remote attacker to upload malicious PHP files to the "images/library/File" directory on the affected host via the /fckeditor/editor/filemanager/browser/mcpuk/connectors/php/connector.php script. A remote attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system. Successful exploitation requires an Apache server with the "mod_mime" module installed.
* References:
http://www.geeklog.net/article.php/exploit-for-fckeditor-filemanager
http://www.geeklog.net/article.php/geeklog-1.4.0sr4
http://www.milw0rm.com/exploits/1964
http://www.frsirt.com/english/advisories/2006/2611
http://secunia.com/advisories/20886/
* Platforms Affected:
Geeklog 1.4.0sr3 and earlier versions
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Geeklog (1.4.0sr4 or later), available from the Geeklog Web site at http://www.geeklog.net/filemgmt/index.php?id=727 |
| Related URL |
CVE-2006-3362 (CVE) |
| Related URL |
18767 (SecurityFocus) |
| Related URL |
27494 (ISS) |
|
