Field | Value
--- | ---
VID | 21980
Severity | 40
Port | 80, ...
Protocol | TCP
Class | CGI
Detailed Description | The Claroline software is vulnerable to a remote file include vulnerability via the 'extAuthSource' parameter. Claroline is open-source software based on PHP/MySQL; it is a collaborative learning environment that allows teachers and educational institutions to create and administer courses through the Web. Claroline version 1.7.7 and earlier versions are vulnerable to a remote file include vulnerability, caused by improper validation of user-supplied input passed to the 'extAuthSource[newUser]' parameter of the 'claro_init_local.inc.php' script. A remote attacker could send a specially crafted URL request to execute arbitrary PHP code and operating system commands on the affected host.
References | http://www.claroline.net/wiki/index.php/Changelog_1.7.x#Modification_between_claroline_1.7.7_and_1.7.8 ; http://www.gulftech.org/?node=research&article_id=00112-09142006 ; http://www.frsirt.com/english/advisories/2006/3638 ; http://www.frsirt.com/english/advisories/2006/3639 ; http://secunia.com/advisories/21931 ; http://secunia.com/advisories/21948
Platforms Affected | Claroline GPL Open Source Project; Claroline version 1.7.7 and earlier versions; any operating system; any version
Recommendation | Upgrade to the latest version of Claroline (1.7.8 or later), available from the Claroline Download Web site at http://sourceforge.net/projects/claroline-pack/
Related URL | CVE-2006-4844 (CVE)
Related URL | 20056 (SecurityFocus)
Related URL | 28943 (ISS)