PHP Nuke Double Hex Encoded Input Validation Vulnerability
BID:13557
Info
PHP Nuke Double Hex Encoded Input Validation Vulnerability
| Bugtraq ID: | 13557 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 09 2005 12:00AM |
| Updated: | May 09 2005 12:00AM |
| Credit: | Discovery of this issue is credited to <[email protected]>. |
| Vulnerable: |
Francisco Burzi PHP-Nuke 7.7 Francisco Burzi PHP-Nuke 7.6 Francisco Burzi PHP-Nuke 7.3 Francisco Burzi PHP-Nuke 7.3 Francisco Burzi PHP-Nuke 7.2 Francisco Burzi PHP-Nuke 7.1 Francisco Burzi PHP-Nuke 7.0 FINAL Francisco Burzi PHP-Nuke 7.0 Francisco Burzi PHP-Nuke 6.9 Francisco Burzi PHP-Nuke 6.7 Francisco Burzi PHP-Nuke 6.6 Francisco Burzi PHP-Nuke 6.5 RC3 Francisco Burzi PHP-Nuke 6.5 RC2 Francisco Burzi PHP-Nuke 6.5 RC1 Francisco Burzi PHP-Nuke 6.5 FINAL Francisco Burzi PHP-Nuke 6.5 BETA 1 Francisco Burzi PHP-Nuke 6.5 Francisco Burzi PHP-Nuke 6.0 Francisco Burzi PHP-Nuke 5.6 Francisco Burzi PHP-Nuke 5.5 Francisco Burzi PHP-Nuke 5.4 Francisco Burzi PHP-Nuke 5.3.1 Francisco Burzi PHP-Nuke 5.2 a Francisco Burzi PHP-Nuke 5.2 Francisco Burzi PHP-Nuke 5.1 Francisco Burzi PHP-Nuke 5.0.1 Francisco Burzi PHP-Nuke 5.0 Francisco Burzi PHP-Nuke 4.4.1 a Francisco Burzi PHP-Nuke 4.4 Francisco Burzi PHP-Nuke 4.3 Francisco Burzi PHP-Nuke 4.0 Francisco Burzi PHP-Nuke 3.0 Francisco Burzi PHP-Nuke 2.5 Francisco Burzi PHP-Nuke 1.0 Francisco Burzi PHP-Nuke 0.726 -3 Francisco Burzi PHP-Nuke 0.75 -RC3 |
| Not Vulnerable: | |
Discussion
PHP Nuke Double Hex Encoded Input Validation Vulnerability
PHP Nuke is prone to an input validation vulnerability. Reports indicate the script fails to correctly identify potentially dangerous characters when the characters are double hex-encoded (i.e. %25%41 == %41 == A).
A remote attacker may exploit this issue to bypass PHP Nuke protections and exploit issues that exist in the underlying PHP Nuke installation.
PHP Nuke is prone to an input validation vulnerability. Reports indicate the script fails to correctly identify potentially dangerous characters when the characters are double hex-encoded (i.e. %25%41 == %41 == A).
A remote attacker may exploit this issue to bypass PHP Nuke protections and exploit issues that exist in the underlying PHP Nuke installation.
Exploit / POC
PHP Nuke Double Hex Encoded Input Validation Vulnerability
The following examples are available:
Will be filtered:
'modules.php?FistFucker=()'
Will be bypassed:
'modules.php?FistFucker=%2528%2529'
Will be filtered:
'/**/UNION/**/SELECT/**/'
Will be bypassed:
'/%2A%2A/UNION/%2A%2A/SELECT/%2A%2A/'
The following examples are available:
Will be filtered:
'modules.php?FistFucker=()'
Will be bypassed:
'modules.php?FistFucker=%2528%2529'
Will be filtered:
'/**/UNION/**/SELECT/**/'
Will be bypassed:
'/%2A%2A/UNION/%2A%2A/SELECT/%2A%2A/'
Solution / Fix
PHP Nuke Double Hex Encoded Input Validation Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
PHP Nuke Double Hex Encoded Input Validation Vulnerability
References:
References:
- PHPNuke INP Homepage (PHPNuke INP)