Openads (phpAdsNew) 'lib-remotehost.inc.php' Remote File Include Vulnerability

Bugtraq ID:	25277
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Aug 11 2007 12:00AM
Updated:	Jul 22 2010 03:46PM
Credit:	Ma$tEr-0F-De$a$t0r is credited with the discovery of this vulnerability.
Vulnerable:	phpAdsNew phpAdsNew 2.0.8 -pr1 phpAdsNew phpAdsNew 2.0.8 phpAdsNew phpAdsNew 2.0.7 rc1 phpAdsNew phpAdsNew 2.0.7 phpAdsNew phpAdsNew 2.0.6 phpAdsNew phpAdsNew 2.0.5 phpAdsNew phpAdsNew 2.0.4 -pr2 phpAdsNew phpAdsNew 2.0.4 -pr1 phpAdsNew phpAdsNew 2.0 beta 6 phpAdsNew phpAdsNew 2.0 beta 5 phpAdsNew phpAdsNew 2.0.9-pr1 phpAdsNew phpAdsNew 2 dev 30092001 phpAdsNew phpAdsNew 2 dev 09102001 OpenX OpenX 2.0 Openads Openads 2.0.11 Openads Openads 2.0.10
Not Vulnerable:

Openads (phpAdsNew) 'lib-remotehost.inc.php' Remote File Include Vulnerability

Openads (formerly known as phpAdsNew) is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Openads 2.0.11 and prior versions are vulnerable.

Openads (phpAdsNew) 'lib-remotehost.inc.php' Remote File Include Vulnerability

An attacker can exploit this issue through a browser.

The following proof-of-concept URI is available:

http://www.example.com/libraries/lib-remotehost.inc.php?phpAds_geoPlugin=EviL ShEll

Openads (phpAdsNew) 'lib-remotehost.inc.php' Remote File Include Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Openads (phpAdsNew) 'lib-remotehost.inc.php' Remote File Include Vulnerability

References:

• Openads Homepage (Openads)
  
• OpenX Homepage (OpenX)
  
• phpAdsNew Homepage (Openads)