GuppY error.php remote file include

guppy-error-file-include (23318). The risk level is classified as Medium Risk.

Description:

GuppY could allow a remote attacker to include malicious PHP files. If the register_globals_gpc and magic_quotes settings are disabled, a remote attacker could send a specially-crafted URL to the error.php script using the REMOTE_ADDR variable to include malicious code from a remote or local system, enabling the attacker to execute arbitrary code on the vulnerable system with the privileges of the Web server process.
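The description above, together with the CVE reference, identifies the attacker-controlled input as a request parameter named `_SERVER[REMOTE_ADDR]` sent to `error.php`. A defender reviewing Web server logs for attempts against this flaw can key on that parameter name alone: no legitimate browser ever submits a PHP superglobal as a query-string parameter. The following log scanner is an added example, not code from the X-Force record or from the GuppY project. It assumes Apache combined-format access logs and generalises slightly beyond the advisory by flagging any `_SERVER[...]`, `_GET[...]`, `_POST[...]` or similar override name, in plain or percent-encoded form; the log lines it scans are constructed sample data.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Apache "combined" access-log line. Assumption: the GuppY host logs in this
# format; adjust LOG_RE for other formats.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Query-string parameter names that attempt to set a PHP superglobal from the
# request. The advisory names _SERVER[REMOTE_ADDR]; the other superglobals are
# a generalisation, since no legitimate client sends any of them.
SUPERGLOBAL_RE = re.compile(
    r'^_(SERVER|GET|POST|COOKIE|REQUEST|ENV|FILES|SESSION)\[', re.IGNORECASE
)

# Constructed sample traffic, not real log data. Lines 2 and 4 carry the
# override parameter (line 4 percent-encoded); lines 1 and 3 are benign.
SAMPLE_LOG = """\
203.0.113.10 - - [28/Nov/2005:12:30:01 -0600] "GET /guppy/error.php?err=404 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.11 - - [28/Nov/2005:12:30:02 -0600] "GET /guppy/error.php?_SERVER[REMOTE_ADDR]=constructed-test-value HTTP/1.1" 200 512 "-" "curl/7.15"
203.0.113.12 - - [28/Nov/2005:12:30:03 -0600] "GET /guppy/index.php?pg=news HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
203.0.113.13 - - [28/Nov/2005:12:30:04 -0600] "GET /guppy/error.php?_SERVER%5BREMOTE_ADDR%5D=constructed-test-value HTTP/1.1" 200 512 "-" "python-urllib/2.4"
"""


def parse_line(line):
    """Return the interesting fields of one log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def superglobal_overrides(target):
    """Names of query parameters in `target` that look like superglobal writes."""
    query = urlsplit(target).query
    # parse_qs percent-decodes parameter names, so the %5B/%5D form is caught too.
    params = parse_qs(query, keep_blank_values=True)
    return sorted(name for name in params if SUPERGLOBAL_RE.match(name))


def scan(log_text, script_name="error.php"):
    """One finding per request that targets `script_name` and carries a
    superglobal override parameter. Pass script_name=None to check every path."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        path = urlsplit(rec["target"]).path
        if script_name is not None and not path.endswith("/" + script_name):
            continue
        hits = superglobal_overrides(rec["target"])
        if hits:
            findings.append(
                {"ip": rec["ip"], "ts": rec["ts"], "path": path, "params": hits}
            )
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} {f['path']} -> {', '.join(f['params'])}")
```

Run against the sample data the scanner reports the two requests that carry the override parameter and ignores the benign ones. Because the check is on the parameter name rather than on any particular payload, it also catches requests whose value was encoded or otherwise varied; since the record lists no vendor fix, this kind of log review (and blocking such parameter names at the Web server or WAF) is the practical mitigation while the affected version remains deployed.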


Consequences:

Gain Access

Remedy:

No remedy available as of July 9, 2011.

References:

  • BugTraq Mailing List, Mon Nov 28 2005 - 12:24:45 CST: Guppy <= 4.5.9 Remote code execution.
  • GuppY Web site: GuppY.
  • BID-15609: GuppY Error.PHP Remote File Include and Command Execution Vulnerability
  • CVE-2005-3926: Direct static code injection vulnerability in error.php in GuppY 4.5.9 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via the _SERVER[REMOTE_ADDR] parameter, which is injected into a .inc script that is later included by the main script.
  • SA17790: GuppY PHP Code Injection and Local File Inclusion Vulnerabilities
  • SECTRACK ID: 1015279: GuppY Input Validation Flaw in `error.php` Lets Remote Users Execute Arbitrary Code
  • VUPEN/ADV-2005-2635: GuppY Remote Code Execution and Directory Traversal Vulnerabilities

Platforms Affected:

  • FreeGuppy GuppY 4.5.9 and prior

Reported:

Nov 28, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
