FCKeditor For PHP-Nuke Arbitrary File Upload Vulnerability
BID:12676
Info
| Bugtraq ID: | 12676 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 28 2005 12:00AM |
| Updated: | Feb 28 2005 12:00AM |
| Credit: | Discovery is credited to Roberto Cehennem <[email protected]>. |
| Vulnerable: | FCKeditor FCKeditor 2.0 RC2 |
| Not Vulnerable: | FCKeditor FCKeditor 2.0 RC3 |
Discussion
It is reported that FCKeditor allows remote attackers to upload arbitrary files to a computer when it is used with PHP-Nuke. This issue may allow attackers to place malicious scripts on a server, which can lead to various attacks.
FCKeditor 2.0 RC2 running as a module for PHP-Nuke is reported prone to this issue. Other versions may be affected as well.
Exploit / POC
An exploit is not required.
It is reported that the following actions can allow for arbitrary file uploads:
Access the script:
http://www.example.com/modules.php?name=FCKeditor
Click on "upload image".
Click on "search at server".
Upload the file.
Solution / Fix
Solution:
The vendor has released version 2.0 RC3 and a patch to address this issue. Registered users may obtain the patch from the following location:
http://www.phpnuker.de/phpnuker-details-1805-fixFCK2RC2_Upload_Image-Link.html
Fixes are linked below:
FCKeditor FCKeditor 2.0 RC2
- FCKeditor FCKeditor 2.0 RC3: http://www.fckeditor.net/whatsnew/default.html
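For sites that ran the affected module, the following added example (not part of this advisory and not the vendor's patch) audits an image upload directory for files that are not images, and shows the allowlist check an "upload image" handler needs. The directory path passed on the command line, the extension lists and the function names are assumptions; the advisory does not give the upload location or describe the fix.

```python
import os

# Leading magic bytes for the image types an "upload image" dialog should accept.
IMAGE_MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
}
# Extensions often mapped to a script handler (assumed list; adjust per server).
SCRIPT_EXTS = {".php", ".php3", ".php4", ".php5", ".phtml", ".pl", ".cgi", ".asp", ".jsp"}


def check_image_upload(filename, data):
    """Return the reasons a file is not an acceptable image upload (empty list = OK)."""
    problems = []
    exts = ["." + p for p in os.path.basename(filename).lower().split(".")[1:]]
    # Check every extension, not only the last: a name such as "x.php.gif"
    # can still reach a script handler on some server configurations.
    if any(e in SCRIPT_EXTS for e in exts):
        problems.append("script extension in name")
    final = exts[-1] if exts else ""
    if final not in IMAGE_MAGIC:
        problems.append("extension not in image allowlist")
    elif not data.startswith(IMAGE_MAGIC[final]):
        problems.append("content does not match extension")
    if b"<?php" in data.lower():
        problems.append("PHP open tag in content")
    return problems


def audit_upload_dir(root):
    """Walk an upload directory; return {relative path: [problems]} for suspect files."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                problems = check_image_upload(name, fh.read())
            if problems:
                findings[os.path.relpath(path, root)] = problems
    return findings


if __name__ == "__main__":
    import sys
    for rel, problems in sorted(audit_upload_dir(sys.argv[1]).items()):
        print(f"{rel}: {'; '.join(problems)}")
```

The content checks are heuristics for triage: a file that passes them should still be served from a directory where script execution is disabled.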
References
References:
- [ 1118378 ] Security problem!!!! (FSKeditor)
- FCKeditor Home Page (FCKeditor)