PhpGedView Editconfig_gedcom.php Directory Traversal Vulnerability
BID:9529
Info
PhpGedView Editconfig_gedcom.php Directory Traversal Vulnerability
| Bugtraq ID: | 9529 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 30 2004 12:00AM |
| Updated: | Jan 30 2004 12:00AM |
| Credit: | The disclosure of this issue has been credited to Cedric Cochin <[email protected]>. |
| Vulnerable: |
PhpGedView PhpGedView 2.65.1 PhpGedView PhpGedView 2.65 PhpGedView PhpGedView 2.61.1 PhpGedView PhpGedView 2.61 PhpGedView PhpGedView 2.60 PhpGedView PhpGedView 2.52.3 |
| Not Vulnerable: |
PhpGedView PhpGedView 2.65.2 |
Discussion
PhpGedView Editconfig_gedcom.php Directory Traversal Vulnerability
It has been reported that PhpGedView may be prone to a directory traversal vulnerability that may allow a remote attacker to access files outside the server root directory. The problem exists due to insufficient sanitization of user-supplied data via the 'gedcom_config' parameter of the 'editconfig_gedcom.php' script.
PhpGedView versions 2.65.1 and prior have been reported to be prone to this issue.
It has been reported that PhpGedView may be prone to a directory traversal vulnerability that may allow a remote attacker to access files outside the server root directory. The problem exists due to insufficient sanitization of user-supplied data via the 'gedcom_config' parameter of the 'editconfig_gedcom.php' script.
PhpGedView versions 2.65.1 and prior have been reported to be prone to this issue.
Exploit / POC
PhpGedView Editconfig_gedcom.php Directory Traversal Vulnerability
No exploit is required.
The following proof of concept has been provided:
http://www.example.com/[phpGedView-directory]/editconfig_gedcom.php?gedcom_config=../../../../../../etc/passwd
No exploit is required.
The following proof of concept has been provided:
http://www.example.com/[phpGedView-directory]/editconfig_gedcom.php?gedcom_config=../../../../../../etc/passwd
Solution / Fix
PhpGedView Editconfig_gedcom.php Directory Traversal Vulnerability
Solution:
The vendor has released PhpGedView version 2.65.2 to address this and other issues. Users are advised to upgrade to the fixed version.
PhpGedView PhpGedView 2.52.3
PhpGedView PhpGedView 2.60
PhpGedView PhpGedView 2.61
PhpGedView PhpGedView 2.61.1
PhpGedView PhpGedView 2.65
PhpGedView PhpGedView 2.65.1
Solution:
The vendor has released PhpGedView version 2.65.2 to address this and other issues. Users are advised to upgrade to the fixed version.
PhpGedView PhpGedView 2.52.3
-
PhpGedView phpGedView-2.65.2.zip
http://prdownloads.sourceforge.net/phpgedview/phpGedView-2.65.2.zip?do wnload
PhpGedView PhpGedView 2.60
-
PhpGedView phpGedView-2.65.2.zip
http://prdownloads.sourceforge.net/phpgedview/phpGedView-2.65.2.zip?do wnload
PhpGedView PhpGedView 2.61
-
PhpGedView phpGedView-2.65.2.zip
http://prdownloads.sourceforge.net/phpgedview/phpGedView-2.65.2.zip?do wnload
PhpGedView PhpGedView 2.61.1
-
PhpGedView phpGedView-2.65.2.zip
http://prdownloads.sourceforge.net/phpgedview/phpGedView-2.65.2.zip?do wnload
PhpGedView PhpGedView 2.65
-
PhpGedView phpGedView-2.65.2.zip
http://prdownloads.sourceforge.net/phpgedview/phpGedView-2.65.2.zip?do wnload
PhpGedView PhpGedView 2.65.1
-
PhpGedView phpGedView-2.65.2.zip
http://prdownloads.sourceforge.net/phpgedview/phpGedView-2.65.2.zip?do wnload
References
PhpGedView Editconfig_gedcom.php Directory Traversal Vulnerability
References:
References:
- PhpGedView Homepage (PhpGedView)
- PHP Code Injection Vulnerabilities in phpGedView 2.65.1 and prior (Cedric Cochin
)