Info

Disclosure

Mar 10, 2006

Discovery

Unknown

Dates

Exploit

Mar 10, 2006

Solution

Unknown

Description

Guppy contains a flaw that may allow a remote denial of service. The issue is caused by the improper sanitization of the 'pg' variable in dwnld.php before being used to write a counter value to '.dtb' files. An attacker can overwrite any file with permissions set to 666 via null injection resulting in a loss of availability for the service.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Availability
Exploit: Exploit Public
OSVDB: Web Related

Solution

Upgrade to version 4.5.12 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Laurent Duveau	GuppY	2.4
		2.4 p1
		2.4 p3
		2.4 p4
		4.5
		4.5.3
		4.5.3 a
		4.5.4
		4.5.9
		4.5.10
		4.5.11

References

Security Tracker: 1015753
Milw0rm: 1573
Exploit Database: 1573
Bugtraq ID: 17068
Secunia Advisory ID: 19222
CVE ID: 2006-1224 (see also: NVD)
Related OSVDB ID: 23993
ISS X-Force ID: 25141
VUPEN Advisory: ADV-2006-0936
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-02/0758.html
Vendor URL: http://www.freeguppy.org/
Other Advisory URL: http://www.kapda.ir/advisory-291.html

Credit

trueend5 - trueend5kapda ir - http://www.KAPDA.ir

Direct URL: http://osvdb.org/23846

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Laurent Duveau

GuppY

References

Credit