[bug] File Inclusion and Command Execution (SA24019) [bug] File Inclusion and Command Execution (SA24019)
 

News:

CPG Release 1.6.27
change DB IP storage fields to accommodate IPv6 addresses
remove use of E_STRICT (PHP 8.4 deprecated)
update README to reflect new website
align code with new .com CPG website
correct deprecation in captcha

Main Menu

[bug] File Inclusion and Command Execution (SA24019)

Started by xerofun, March 30, 2007, 09:31:01 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

xerofun

Didn't find this one in the bugs board and by searching throught the board. So if there's already a solution posted, sorry for the double post.

Checkout:
http://secunia.com/advisories/24019/

1) I fixed this by commenting out the "include($path)" in function cpg_get_custom_include in include/functions.inc.php because I'm sure I will never make use of this function. Definit solution might be to only allow to include files within the cpg installation directory or maybe even only within the themes directory? This concludes that the permissions of the cpg installation directory needs to be set correctly, so that no local user can put any files into any of the directories.

2) Fixed this by replacing every ; with \; in $CONFIG['im_options'] everytime it is used in include/imageObjectIM.class.php and
include/picmgmt.inc.php (see attached patch).

Hope this helps.

In case there's already a fix, sorry. Just remove the posting. ;)

Nibbler

This has already been discussed. It's a non-issue. Only give admin rights to people you trust.