From: Jim Hu <ji...@ta...> - 2006-02-09 12:49:37

Yes, CVS has been updated to include the patches.

On Feb 9, 2006, at 2:32 AM, Nicolas Contamin wrote:

> Here is the post sent to bugTraq.
>
> Has the CVS version been updated ? (It sounds bad english, isn't it ?)
>
>
> Danon'.
> ---------- Forwarded message ----------
> From: al...@ev... <al...@ev...>
> Date: 8 Feb 2006 23:29:47 -0000
> Subject: [eVuln] PHP iCalendar File Inclusion Vulnerability
> To: bu...@se...
>
> New eVuln Advisory:
> PHP iCalendar File Inclusion Vulnerability
> http://evuln.com/vulns/70/summary.html
>
> --------------------Summary----------------
> eVuln ID: EV0070
> Software: PHP iCalendar
> Software's Web Site: http://phpicalendar.net/
> Versions: 2.0.1 2.1 2.2
> Critical Level: Dangerous
> Type: File Inclusion
> Class: Remote
> Status: Patched
> Exploit: Not Available
> Solution: Available
> Discovered by: Aliaksandr Hartsuyeu (eVuln.com)
>
> -----------------Description---------------
> File: functions/template.php
> Function parse($file) calls include($file) without correct
> sanitation of variable $file
>
> File: search.php
> Parameter getdate isn't properly sanitized and may contain a filepath.
>
> All this can be used to make inclusion of arbitrary server-side file.
>
> System access is possible.
>
> --------------Exploit----------------------
> Exploitation code will be published in 3 days
> http://evuln.com/vulns/70/exploit.html
>
> --------------Solution---------------------
> Vendor-provided patch is available at:
>
> http://dimer.tamu.edu/phpicalendar.net/forums/viewtopic.php?p=1869#1869
>
> --------------Credit-----------------------
> Discovered by: Aliaksandr Hartsuyeu (eVuln.com)
>
>
> --
> I'm a poor and lonesome Yaourt... (Air connu)
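The advisory above describes two sinks: a template `parse($file)` that passes its argument straight to `include()`, and a `getdate` parameter in search.php that can carry a file path. The following is an added illustration, not PHP iCalendar's code and not the vendor patch linked in the thread. It shows the unsafe pattern the advisory names beside a hardened loader that resolves a template *name* inside a fixed directory and checks containment with `realpath()`, plus strict shape validation for a date parameter. The function names, the `$templateDir` argument, the `.tpl` extension and the assumption that `getdate` is an eight-digit YYYYMMDD value are all assumptions made for the example.

```php
<?php
// Added example, not PHP iCalendar's own code. Names and layout are assumed.

// Unsafe pattern as the advisory describes it: the caller controls $file and
// it reaches include() unchanged, so any readable file on the server can be
// pulled into the script.
function parse_unsafe($file) {
    ob_start();
    include($file);
    return ob_get_clean();
}

// Hardened loader: the caller supplies a template *name*, never a path.
// $templateDir is the one directory templates may come from (assumed).
function parse_safe($templateName, $templateDir) {
    // 1. Syntactic allowlist: plain identifiers only, no slashes, dots or NULs.
    if (!preg_match('/^[A-Za-z0-9_-]+$/', $templateName)) {
        throw new InvalidArgumentException('invalid template name');
    }

    // 2. Build the path from a constant base plus a fixed extension (assumed .tpl).
    $base = realpath($templateDir);
    $path = realpath($templateDir . DIRECTORY_SEPARATOR . $templateName . '.tpl');

    // 3. Containment check: the resolved file must exist and must sit under
    //    $base. realpath() collapses symlinks and "..", so a comparison on the
    //    canonical prefix is what actually enforces the directory boundary.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        throw new RuntimeException('template not found');
    }

    ob_start();
    include $path;
    return ob_get_clean();
}

// A date parameter such as search.php's getdate should never reach a file
// system call at all. Validate its shape and its calendar validity, and treat
// anything else as absent. The YYYYMMDD form is an assumption for this example.
function validate_getdate($getdate) {
    if (!is_string($getdate) || !preg_match('/^\d{8}$/', $getdate)) {
        return null;
    }
    $y = (int) substr($getdate, 0, 4);
    $m = (int) substr($getdate, 4, 2);
    $d = (int) substr($getdate, 6, 2);
    return checkdate($m, $d, $y) ? $getdate : null;
}

// Constructed usage: a request parameter that is not a valid date is dropped.
$getdate = validate_getdate(isset($_GET['getdate']) ? $_GET['getdate'] : '');
if ($getdate === null) {
    $getdate = date('Ymd');   // fall back to today instead of trusting the input
}
```

The design choice is that neither function ever lets user input name a file: `parse_safe` accepts only a token that is then anchored to a known directory, and `validate_getdate` reduces the parameter to a date or nothing. The `realpath` containment check is the backstop for anything the regex allowlist misses.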