Artmedic Newsletter log.php PHP code execution

artmedic-newsletter-code-execution (26597) The risk level is classified as Medium Risk

Description:

Artmedic Newsletter could allow a remote attacker to execute arbitrary PHP code on the system, caused by improper validation of user-supplied input by the log.php script. A remote attacker could exploit this vulnerability using the 'logfile' and 'email' parameters to create malicious files on the system containing embedded PHP code, which would allow that attacker to execute arbitrary commands on the system with the privileges of the Web server process.
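As an added illustration that is not artmedic's code (the vendor's source is not reproduced here), the following hypothetical PHP shows the general pattern the record describes, a log path taken from the request under register_globals, beside a hardened version that pins the log location and validates the input. Function names, the log path and the request fields are assumptions chosen for the example.

```php
<?php
// Added example, not artmedic's code. Reconstructs the class of defect described
// above: with register_globals=On (legacy PHP, removed in 5.4), a request
// parameter such as ?logfile=... silently becomes the variable $logfile, so a
// script that appends request data to $logfile lets the client choose both the
// destination file and part of its contents.

// --- Vulnerable pattern (hypothetical reconstruction) ---
// Under register_globals both arguments effectively arrive from the URL.
function log_subscription_vulnerable(string $logfile, string $email): void
{
    // No check on where $logfile points or on what $email contains: a file with
    // a .php extension inside the web root would later be executed as code.
    file_put_contents($logfile, date('c') . " $email\n", FILE_APPEND);
}

// --- Hardened pattern ---
// Fixed log location (assumed path); keep it outside the document root, or at
// least under a name the web server will never interpret as PHP.
define('NEWSLETTER_LOG', __DIR__ . '/../data/newsletter.log');

function log_subscription_safe(array $request): bool
{
    // The destination is a constant; nothing in the request can redirect it.
    $email = $request['email'] ?? '';

    // Accept only a syntactically valid address. This rejects embedded
    // newlines, spaces and tag characters, so the log stays plain single-line text.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }

    $line = date('c') . ' ' . $email . "\n";
    return file_put_contents(NEWSLETTER_LOG, $line, FILE_APPEND | LOCK_EX) !== false;
}

// Typical call from a form handler: read explicitly from $_POST, never rely on
// register_globals to populate variables.
if (PHP_SAPI !== 'cli') {
    log_subscription_safe($_POST);
}
```

Two checks matter for deployments of scripts from this era: confirm `register_globals` is off in php.ini (or run a PHP version that no longer supports it), and confirm that any directory a script writes to is either outside the web root or served with PHP execution disabled, so that a log file can never become an executable page.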


Consequences:

Gain Access

Remedy:

No remedy available as of September 1, 2014.

References:

  • artmedic PHP-Scripts Web site: artmedic Freeware PHP-Scripts.
  • BugTraq Mailing List, Fri May 19 2006 - 08:49:55 CDT : Code Execution in artmedic Newsletter 4.1 [log.php].
  • BID-18047: Artmedic Newsletter Log.PHP Remote Script Execution Vulnerability
  • CVE-2006-2608: artmedic newsletter 4.1 and possibly other versions, when register_globals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the logfile parameter in a direct request to log.php, which causes the $logfile variable to be redefined to an attacker-controlled value, as demonstrated by injecting PHP code into info.php.
  • CVE-2006-2609: artmedic newsletter 4.1.2 and possibly other versions, when register_globals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the email parameter to newsletter_log.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
  • OSVDB ID: 25709: artmedic newsletter log.php Arbitrary PHP Code Execution
  • OSVDB ID: 26553: artmedic newsletter newsletter_log.php Arbitrary PHP Code Execution
  • SA20204: artmedic newsletter "log.php" PHP Code Injection Vulnerability

Platforms Affected:

  • Artmedic artmedic newsletter 4.1

Reported:

May 19, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@us.ibm.com
