Smarty Template Engine Remote PHP Script Execution Vulnerability
BID:12941
Info
| Bugtraq ID: | 12941 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 29 2005 12:00AM |
| Updated: | Mar 29 2005 12:00AM |
| Credit: | The individual or individuals responsible for the discovery of this issue are currently unknown; the vendor disclosed this issue. |
| Vulnerable: | Smarty Template Engine 2.6.8, 2.6.7, 2.6.6, 2.6.5, 2.6.4, 2.6.3, 2.6.2, 2.6.1, 2.6 |
| Not Vulnerable: | Smarty Template Engine 2.6.9 |
Discussion
A remote PHP code execution vulnerability affects Smarty Template Engine. This issue is due to a failure of the application to properly secure access to PHP script manipulation.
An attacker may leverage this issue to execute arbitrary PHP script code on an affected computer; this may be exploited to gain unauthorized access to or escalated privileges on a hosting computer.
Exploit / POC
No exploit is required to leverage this issue.
Solution / Fix
Solution:
The vendor has released a second update for this issue. The first update apparently remained vulnerable because new attack vectors were found; the latest update apparently resolves the issue.
Gentoo Linux has released a revision to their original advisory dealing with this issue. Apparently the version reported as fixed still contained the issue, although through a different vector. Gentoo advises that users upgrade their packages to deal with this new vector by carrying out the following commands with superuser privileges:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-php/smarty-2.6.9"
For more information, please see the referenced Gentoo Linux advisory.
Smarty Template Engine 2.6, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8
- Smarty Smarty 2.6.9
  http://smarty.php.net/do_download.php?download_file=Smarty-2.6.9.tar.gz
References
References:
- Smarty Homepage (Smarty)