OSVDB ID: 23529

Title: 4images index.php template Variable Traversal Arbitrary Local File Inclusion

Info

Disclosure

Feb 26, 2006

Discovery

Unknown

Dates

Exploit

Feb 26, 2006

Solution

Unknown

Description

4images contains a flaw that allows a remote attacker to access files outside of the web path. The issue is due to the 'index.php' script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'template' variable. This might lead to a loss of confidentiality.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Public
OSVDB: Web Related

Solution

Upgrade to version 1.7.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

4homepage

4images

1.7.1

References

Milw0rm: 1533
Exploit Database: 1533
Bugtraq ID: 16855
Secunia Advisory ID: 19026
CVE ID: 2006-0899 (see also: NVD)
ISS X-Force ID: 24398
VUPEN Advisory: ADV-2006-0754
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-02/0571.html
http://attrition.org/pipermail/vim/2006-May/000747.html
Vendor URL: http://www.4homepages.de/

Credit

rgod - rgodautistici.org - http://retrogod.altervista.org

Direct URL: http://osvdb.org/23529