BID:12894

Double Choco Latte Multiple Vulnerabilities

Info

Double Choco Latte Multiple Vulnerabilities

Bugtraq ID:	12894
Class:	Input Validation Error
CVE:	CVE-2005-0887 CVE-2005-0888
Remote:	Yes
Local:	No
Published:	Mar 24 2005 12:00AM
Updated:	Jul 12 2009 11:56AM
Credit:	Discovery is credited to James Bercegay from GulfTech Research.
Vulnerable:	Michael Dean Double Choco Latte 0.9.4 .3 Michael Dean Double Choco Latte 0.9.4 .2 Michael Dean Double Choco Latte 0.9.4 Michael Dean Double Choco Latte 0.9.3

Not Vulnerable:	Michael Dean Double Choco Latte 0.9.4 .4

Discussion

Double Choco Latte Multiple Vulnerabilities

Double Choco Latte is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting/HTML injection attacks and execute arbitrary PHP code on a computer.

Double Choco Latte 0.9.4.3 is reported vulnerable to the cross-site scripting/HTML injection issue.

Double Choco Latte 0.9.4.2 and prior versions are affected by the PHP code execution issue.

This BID will be updated when more information is available.

Exploit / POC

Double Choco Latte Multiple Vulnerabilities

An exploit is not required.

The following proof of concept demonstrating PHP code execution is available:
http://www.example.com/main.php?menuAction=htmlTickets.show;system(id);ob_start

Solution / Fix

Double Choco Latte Multiple Vulnerabilities

Solution:
Double Choco Latte 0.9.4.4 is available to address these issues.

Michael Dean Double Choco Latte 0.9.3

Double Choco Latte dcl-0.9.4.4.tar.gz
http://prdownloads.sourceforge.net/dcl/dcl-0.9.4.4.tar.gz?download

Michael Dean Double Choco Latte 0.9.4

Double Choco Latte dcl-0.9.4.4.tar.gz
http://prdownloads.sourceforge.net/dcl/dcl-0.9.4.4.tar.gz?download

Michael Dean Double Choco Latte 0.9.4 .2

Double Choco Latte dcl-0.9.4.4.tar.gz
http://prdownloads.sourceforge.net/dcl/dcl-0.9.4.4.tar.gz?download

Michael Dean Double Choco Latte 0.9.4 .3

Double Choco Latte dcl-0.9.4.4.tar.gz
http://prdownloads.sourceforge.net/dcl/dcl-0.9.4.4.tar.gz?download

References

Double Choco Latte Multiple Vulnerabilities

References:

Double Choco Latte Homepage (Michael Dean)
Double Choco Latte Vulnerabilities (GulfTech Research)