FUDforum avatar file upload
| fudforum-avatar-file-upload (22076) |  High Risk |
Description:
FUDforum could allow a remote attacker to upload arbitrary PHP files. If the system admin allows the uploading of custom avatars, a remote attacker could send a specially-crafted avatar containing a malicious PHP script file to the web root. A remote attacker could exploit this vulnerability to gain access to the system.
Consequences:
Gain Access
Remedy:
Upgrade to the latest version of FUDforum (2.7.1 or later), available from the FUDforum Web site. See References.
For Debian GNU/Linux:
Refer to DSA-1063-1 for patch, upgrade, or suggested workaround information. See References.
References:
- BugTraq Mailing List, Sun Aug 28 2005 - 10:00:56 CDT: FUD Forum < 2.7.1 PHP code injection vurnelability.
- FUDforum Web site: FUD Forum.
- BID-14678: FUDforum Avatar Upload Arbitrary Script Upload Vulnerability
- CVE-2005-2781: The Avatar upload feature in FUD Forum before 2.7.0 does not properly verify uploaded files, which allows remote attackers to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code.
- DSA-1063: phpgroupware -- missing input sanitising
- SA16627: FUDforum Avatar Upload Vulnerability
Platforms Affected:
- Advanced Internet Designs FUDforum prior to 2.7.1
- Debian Debian Linux 3.0
- Debian Debian Linux 3.1
Reported:
Aug 28, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net