Info

Disclosure

May 18, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

FCKeditor contains a flaw that allows a remote upload files to arbitrary locations on the server. This flaw exists because the application does not validate the 'Type' variable upon submission to the upload.php script. This could allow a user to create or overwrite any files on the server with the same level of access as the web server. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 2.3 Beta or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Caldeira Knabben	FCKeditor	2.0
		2.2
		2.3 Beta

References

Bugtraq ID: 18029
CVE ID: 2006-2529 (see also: NVD)
Secunia Advisory ID: 20122
VUPEN Advisory: ADV-2006-1856
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-05/0399.html
Vendor URL: http://www.fckeditor.net/
Vendor Specific News/Changelog Entry: http://www.fckeditor.net/whatsnew/
http://www.fckeditor.net/whatsnew/default.html

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/25631

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Caldeira Knabben

FCKeditor

References

Credit