Aardvark Topsites PHP LostPW.PHP Remote File Include Vulnerability

Bugtraq ID:	17940
Class:	Input Validation Error
CVE:	CVE-2006-2149
Remote:	Yes
Local:	No
Published:	Apr 30 2006 12:00AM
Updated:	May 15 2006 06:09PM
Credit:	cijfer is credited with the discovery of this vulnerability.
Vulnerable:	Aardvark Topsites PHP Aardvark Topsites PHP 4.2.2 Aardvark Topsites PHP Aardvark Topsites PHP 4.1.1 Aardvark Topsites PHP Aardvark Topsites PHP 4.1
Not Vulnerable:	Aardvark Topsites PHP Aardvark Topsites PHP 5.0.3

Aardvark Topsites PHP LostPW.PHP Remote File Include Vulnerability

Aardvark Topsites PHP is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.

Aardvark Topsites PHP LostPW.PHP Remote File Include Vulnerability

This issue can be exploited through a web client.

The following exploit is available:

• /data/vulnerabilities/exploits/Aardvark-TopsitesPHP-0430-rfi.pl

Aardvark Topsites PHP LostPW.PHP Remote File Include Vulnerability

Solution:
The vendor has addressed this issue in version 5.0.3.


Aardvark Topsites PHP Aardvark Topsites PHP 4.1

• Aardvark Topsites PHP atsphp-5.0.3
  http://www.aardvarkind.com/download.php?id=atsphp-5.0.3&f=zip

Aardvark Topsites PHP Aardvark Topsites PHP 4.1.1

• Aardvark Topsites PHP atsphp-5.0.3
  http://www.aardvarkind.com/download.php?id=atsphp-5.0.3&f=zip

Aardvark Topsites PHP Aardvark Topsites PHP 4.2.2

• Aardvark Topsites PHP atsphp-5.0.3
  http://www.aardvarkind.com/download.php?id=atsphp-5.0.3&f=zip

Aardvark Topsites PHP LostPW.PHP Remote File Include Vulnerability

References:

• Aardvark Topsites PHP Homepage (Aardvark Topsites PHP)