GNU SPIP Unspecified PHP Code Execution Vulnerability

Bugtraq ID:	9875
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Mar 15 2004 12:00AM
Updated:	Mar 15 2004 12:00AM
Credit:	Discovery is credited to Simon Baptiste.
Vulnerable:	GNU SPIP 1.7 GNU SPIP 1.6 GNU SPIP 1.5.2 GNU SPIP 1.4.2
Not Vulnerable:

GNU SPIP Unspecified PHP Code Execution Vulnerability

It has been reported that SPIP may be prone to an unspecifed PHP code execution vulnerability that could allow an attacker to inject arbitrary PHP code via certain URI parameters of 'forum.php3' script.

Successful exploitation of this issue may allow an attacker to execute malicous PHP code in the context of the vulnerable site.

Although unconfirmed, SPIP versions 1.7 and prior may be prone to these issues.

GNU SPIP Unspecified PHP Code Execution Vulnerability

No exploit is required.

GNU SPIP Unspecified PHP Code Execution Vulnerability

Solution:
An unofficial patch is available.

---
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.


GNU SPIP 1.4.2

• Simon Baptiste SPIP-v1-4-3.patch
  http://www.securityfocus.com/data/vulnerabilities/patches/SPIP-v1-4-3. patch


• Simon Baptiste SPIP-v1-4-3.patch.gz
  http://www.e-glop.net/dev/spip/SPIP-v1-4-3.patch.gz

GNU SPIP 1.5.2

• Simon Baptiste SPIP-v1-5-3.patch
  http://www.securityfocus.com/data/vulnerabilities/patches/SPIP-v1-5-3. patch


• Simon Baptiste SPIP-v1-5-3.patch.gz
  http://www.e-glop.net/dev/spip/SPIP-v1-5-3.patch.gz

GNU SPIP 1.6

• Simon Baptiste SPIP-v1-6-1.patch
  http://www.securityfocus.com/data/vulnerabilities/patches/SPIP-v1-6-1. patch


• Simon Baptiste SPIP-v1-6-1.patch.gz
  http://www.e-glop.net/dev/spip/SPIP-v1-6-1.patch.gz

GNU SPIP Unspecified PHP Code Execution Vulnerability

References:

• SPIP Homepage (SPIP)