Mambo Open Source Global Variables Unauthorized Access Vulnerability
BID:12436
Info
Mambo Open Source Global Variables Unauthorized Access Vulnerability
| Bugtraq ID: | 12436 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 02 2005 12:00AM |
| Updated: | Feb 02 2005 12:00AM |
| Credit: | This issue was reported by the vendor. |
| Vulnerable: |
Mambo Mambo Open Source 4.5.1 (1.0.9) Mambo Mambo Open Source 4.5.1 Mambo Mambo Open Source 4.5 (1.0.3beta) Mambo Mambo Open Source 4.5 (1.0.3) Mambo Mambo Open Source 4.5 (1.0.2) Mambo Mambo Open Source 4.5 (1.0.1) Mambo Mambo Open Source 4.5 (1.0.0) Mambo Mambo Open Source 4.0.14 |
| Not Vulnerable: | |
Discussion
Mambo Open Source Global Variables Unauthorized Access Vulnerability
Mambo Open Source is reported prone to a vulnerability that can allow remote attackers to gain complete unauthorized access to an affected Web site or the database used by the application.
It is reported that this issue results from improper implementation of global variables.
All versions of Mambo Open Source prior to and including 4.5.1 are reported vulnerable to this issue.
Mambo Open Source is reported prone to a vulnerability that can allow remote attackers to gain complete unauthorized access to an affected Web site or the database used by the application.
It is reported that this issue results from improper implementation of global variables.
All versions of Mambo Open Source prior to and including 4.5.1 are reported vulnerable to this issue.
Exploit / POC
Mambo Open Source Global Variables Unauthorized Access Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Mambo Open Source Global Variables Unauthorized Access Vulnerability
Solution:
The vendor has released patches to address this issue in versions 4.5.0 and 4.5.1 of Mambo Open Source.
Mambo Mambo Open Source 4.5 (1.0.2)
Mambo Mambo Open Source 4.5 (1.0.3beta)
Mambo Mambo Open Source 4.5 (1.0.1)
Mambo Mambo Open Source 4.5 (1.0.0)
Mambo Mambo Open Source 4.5 (1.0.3)
Mambo Mambo Open Source 4.5.1
Mambo Mambo Open Source 4.5.1 (1.0.9)
Solution:
The vendor has released patches to address this issue in versions 4.5.0 and 4.5.1 of Mambo Open Source.
Mambo Mambo Open Source 4.5 (1.0.2)
-
Mambo 450 Security Patch Feb 05
http://www.mamboportal.com/component/option,com_remository/Itemid,46/
Mambo Mambo Open Source 4.5 (1.0.3beta)
-
Mambo 450 Security Patch Feb 05
http://www.mamboportal.com/component/option,com_remository/Itemid,46/
Mambo Mambo Open Source 4.5 (1.0.1)
-
Mambo 450 Security Patch Feb 05
http://www.mamboportal.com/component/option,com_remository/Itemid,46/
Mambo Mambo Open Source 4.5 (1.0.0)
-
Mambo 450 Security Patch Feb 05
http://www.mamboportal.com/component/option,com_remository/Itemid,46/
Mambo Mambo Open Source 4.5 (1.0.3)
-
Mambo 450 Security Patch Feb 05
http://www.mamboportal.com/component/option,com_remository/Itemid,46/
Mambo Mambo Open Source 4.5.1
-
Mambo 451 Security Patch Feb 05
http://www.mamboportal.com/component/option,com_remository/Itemid,46/
Mambo Mambo Open Source 4.5.1 (1.0.9)
-
Mambo 451 Security Patch Feb 05
http://www.mamboportal.com/component/option,com_remository/Itemid,46/
References
Mambo Open Source Global Variables Unauthorized Access Vulnerability
References:
References:
- Major security hole detected (Mambo)
- Mambo Open Source Homepage (Mambo)