Koha 'help.pl' Local File Include Vulnerability
BID:51004
Info
Koha 'help.pl' Local File Include Vulnerability
| Bugtraq ID: | 51004 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 09 2011 12:00AM |
| Updated: | Dec 20 2011 10:49PM |
| Credit: | Frère Sébastien Marie |
| Vulnerable: |
Koha Library Software Community Koha 3.6 Koha Library Software Community Koha 3.4.6 Koha Library Software Community Koha 3.4.2 Koha Library Software Community Koha 3.4.1 |
| Not Vulnerable: |
Koha Library Software Community Koha 3.6.1 Koha Library Software Community Koha 3.4.7 Koha Library Software Community Koha 3.2.11 |
Discussion
Koha 'help.pl' Local File Include Vulnerability
Koha is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to view files and execute local scripts in the context of the webserver process. This may aid in further attacks.
Koha 3.4.x prior to 3.4.7 and 3.6.x prior to 3.6.1 are vulnerable.
Koha is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to view files and execute local scripts in the context of the webserver process. This may aid in further attacks.
Koha 3.4.x prior to 3.4.7 and 3.6.x prior to 3.6.1 are vulnerable.
Exploit / POC
Koha 'help.pl' Local File Include Vulnerability
Attackers can exploit this issue through a browser.
Attackers can exploit this issue through a browser.
Solution / Fix
Koha 'help.pl' Local File Include Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Koha 'help.pl' Local File Include Vulnerability
References:
References:
- Koha Homepage (Koha Library Software Community)
- Bug 6628 - [security] help system use insecure REFERRER for file inclusion (Frère Sébastien Marie)