|
 |
|
dadaIMC "FilesMatch" File Upload Vulnerability
|
|
|
|
|
Secunia Advisory:
|
SA23305
|
|
|
Release Date:
|
2006-12-12
|
|
Last Update:
|
2006-12-18
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Unpatched
|
|
| Software: | dadaIMC 0.x
|
| | CVE reference: | CVE-2006-6511 (Secunia mirror)
|
|
|
This advisory is currently marked as unpatched!
- Companies can be alerted when a patch is released! |
|
|
Description:
Hagbard Celine has reported a vulnerability in dadaIMC, which can be exploited by malicious people to compromise vulnerable systems.
The file "[webroot]/.htaccess" contains a "FilesMatch" directive with a regular expression that configures the web server to treat all filenames containing the words "feature", "editor", "newswire", "otherpress", "admin", "pbook", "media" or "mod" as PHP scripts. Malicious people can upload files with such filenames by posting an article and attaching an image to it.
Successful exploitation requires that dadaIMC is installed into a shared environment.
The vulnerability is reported in version .99.3. Other versions may also be vulnerable.
Solution:
Configure "FilesMatch" in "[webroot]/.htaccess" with a more restrictive regular expression.
Provided and/or discovered by:
Hagbard Celine
Changelog:
2006-12-18: Added CVE reference.
Original Advisory:
http://bugs.dadaimc.org/view.php?id=191
Other References:
http://www.dadaimc.org/mod/documentation/display/4/index.php
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
1 Related Secunia Security Advisories
|
|
|
1. dadaIMC "Post An Article" Script Insertion Vulnerability
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
