VID: 21982
Severity: 40
Port: 80, ...
Protocol: TCP
Class: CGI

Detailed Description:
The Dokeos program is vulnerable to a remote file include vulnerability via the 'extAuthSource' parameter. Dokeos is a learning management system. Dokeos versions 1.6.5 and earlier and Dokeos Community Release versions 2.x are vulnerable to a remote file include vulnerability, caused by improper validation of user-supplied input passed to the 'extAuthSource[newUser]' parameter of the 'claro_init_local.inc.php' script. If PHP's 'register_globals' setting is enabled, a remote attacker could send a specially-crafted URL request to execute arbitrary PHP code and operating system commands on the affected host.

* References:
  http://www.gulftech.org/?node=research&article_id=00112-09142006
  http://www.frsirt.com/english/advisories/2006/3638
  http://www.frsirt.com/english/advisories/2006/3639
  http://secunia.com/advisories/21931
  http://secunia.com/advisories/21948
* Platforms Affected:
  Dokeos version 1.6.5 and earlier versions
  Dokeos Community Release versions 2.x
  Any operating system
  Any version

Recommendation:
No upgrade or patch available as of Sep 2006.
Upgrade to the latest version of Dokeos when a new version that fixes this problem becomes available from the Dokeos Learning Management System Web site at http://www.dokeos.com/download.php
As a workaround, disable PHP's 'register_globals' setting.

Related URLs:
CVE-2006-4844 (CVE)
20056 (SecurityFocus)
28943 (ISS)