Claroline Local File Include and Cross-Site Scripting Vulnerabilities
BID:25521
Info
Claroline Local File Include and Cross-Site Scripting Vulnerabilities
| Bugtraq ID: | 25521 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-4718 CVE-2007-4717 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 03 2007 12:00AM |
| Updated: | Jul 05 2016 10:00PM |
| Credit: | Fernando Munoz is credited with the discovery of these issues. |
| Vulnerable: |
Claroline Claroline 1.8.5 Claroline Claroline 1.8.4 Claroline Claroline 1.8.3 Claroline Claroline 1.8.2 Claroline Claroline 1.8.1 Claroline Claroline 1.8 rc1 Claroline Claroline 1.8 Claroline Claroline 1.7.8 Claroline Claroline 1.7.7 Claroline Claroline 1.7.6 Claroline Claroline 1.7.5 Claroline Claroline 1.7.4 Claroline Claroline 1.7.3 Claroline Claroline 1.7.2 Claroline Claroline 1.7.1 Claroline Claroline 1.6 rc1 Claroline Claroline 1.6 beta Claroline Claroline 1.6 Claroline Claroline 1.5.4 Claroline Claroline 1.5.3 Claroline Claroline 1.5 Claroline Claroline 1.7 Claroline Claroline 1.6 Claroline Claroline 1.5 Claroline Claroline 1.4 Claroline Claroline 1.3 Claroline Claroline 1.2 |
| Not Vulnerable: |
Claroline Claroline 1.8.6 |
Discussion
Claroline Local File Include and Cross-Site Scripting Vulnerabilities
Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities.
An attacker could exploit these issues to execute local script code in the context of the application and access sensitive data, which may aid in further attacks.The attacker may also be able to execute arbitray code in the context of the webserver. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Versions prior to Claroline 1.8.6 are vulnerable.
Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities.
An attacker could exploit these issues to execute local script code in the context of the application and access sensitive data, which may aid in further attacks.The attacker may also be able to execute arbitray code in the context of the webserver. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Versions prior to Claroline 1.8.6 are vulnerable.
Exploit / POC
Claroline Local File Include and Cross-Site Scripting Vulnerabilities
Attackers can exploit these issues via a browser. To exploit a cross-site scripting vulnerability, the attacker must entice an unsuspecting user to view a maliciously crafted URI.
The following example URIs are available:
http://www.example.com/inc/lib/languages.lib.php?language=../../[file]
http://www.example.com/admin/adminusers.php?dir=[XSS]
http://www.example.com/admin/adminusers.php?sort=[XSS]
http://www.example.com/admin/advancedUserSearch.php?action=[XSS]
http://www.example.com/admin/campusProblem.php?view=[XSS]
Attackers can exploit these issues via a browser. To exploit a cross-site scripting vulnerability, the attacker must entice an unsuspecting user to view a maliciously crafted URI.
The following example URIs are available:
http://www.example.com/inc/lib/languages.lib.php?language=../../[file]
http://www.example.com/admin/adminusers.php?dir=[XSS]
http://www.example.com/admin/adminusers.php?sort=[XSS]
http://www.example.com/admin/advancedUserSearch.php?action=[XSS]
http://www.example.com/admin/campusProblem.php?view=[XSS]
Solution / Fix
Claroline Local File Include and Cross-Site Scripting Vulnerabilities
Solution:
The vendor released Claroline 1.8.6 to address these issues. Please see the references for more information.
Claroline Claroline 1.2
Claroline Claroline 1.5
Claroline Claroline 1.4
Claroline Claroline 1.3
Claroline Claroline 1.6
Claroline Claroline 1.7
Claroline Claroline 1.5
Claroline Claroline 1.5.3
Claroline Claroline 1.5.4
Claroline Claroline 1.6
Claroline Claroline 1.6 rc1
Claroline Claroline 1.6 beta
Claroline Claroline 1.7.1
Claroline Claroline 1.7.2
Claroline Claroline 1.7.3
Claroline Claroline 1.7.4
Claroline Claroline 1.7.5
Claroline Claroline 1.7.6
Claroline Claroline 1.7.7
Claroline Claroline 1.7.8
Claroline Claroline 1.8
Claroline Claroline 1.8 rc1
Claroline Claroline 1.8.1
Claroline Claroline 1.8.2
Claroline Claroline 1.8.3
Claroline Claroline 1.8.4
Claroline Claroline 1.8.5
Solution:
The vendor released Claroline 1.8.6 to address these issues. Please see the references for more information.
Claroline Claroline 1.2
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.5
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.4
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.3
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.6
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.7
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.5
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.5.3
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.5.4
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.6
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.6 rc1
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.6 beta
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.7.1
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.7.2
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.7.3
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.7.4
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.7.5
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.7.6
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.7.7
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.7.8
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.8
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.8 rc1
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.8.1
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.8.2
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.8.3
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.8.4
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz -
Claroline claroline186.zip - Windows
http://downloads.sourceforge.net/claroline/claroline186.zip
Claroline Claroline 1.8.5
-
Claroline claroline186.tar.gz - Unix, Linux, Mac OS X
http://downloads.sourceforge.net/claroline/claroline186.tar.gz
References
Claroline Local File Include and Cross-Site Scripting Vulnerabilities
References:
References:
- 1.8.6 Changelog (Claroline)
- Claroline Homepage (Claroline)