ISS X-Force Database: beehive-multiple-scripts-file-include(27386): Bee-hive Lite multiple scripts file include

Bee-hive Lite multiple scripts file include

beehive-multiple-scripts-file-include (27386)

Medium Risk

Description:

Bee-hive Lite could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL request to various scripts using the 'header', 'mysqlcall', 'prefix', or 'config' parameter to specify a malicious file from a remote system, which could allow the attacker to execute arbitrary code on the vulnerable system.

Note: The following scripts are reported to be vulnerable:
conad/include/rootGui.inc.php
conad/changeEmail.inc.php
conad/changeUserDetails.inc.php
conad/checkPasswd.inc.php
conad/login.inc.php
conad/logout.inc.php
include/listall.inc.php
show/index.php
conad/include/mysqlCall.inc.php
include/rootGui.inc.php

Consequences:

Gain Access

Remedy:

No remedy available as of July 9, 2011.

References:

MagNet Web site: MagNet::Proucts: Beehive.
BID-18654: Bee-hive Multiple Remote File Include Vulnerabilities
CVE-2006-3266: Multiple PHP remote file inclusion vulnerabilities in Bee-hive Lite 1.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) header parameter to (a) conad/include/rootGui.inc.php and (b) include/rootGui.inc.php; (2) mysqlCall parameter to (c) conad/changeEmail.inc.php, (d) conad/changeUserDetails.inc.php, (e) conad/checkPasswd.inc.php, (f) conad/login.inc.php and (g) conad/logout.inc.php; (3) mysqlcall parameter to (h) include/listall.inc.php; (4) prefix parameter to (i) show/index.php; and (5) config parameter to (j) conad/include/mysqlCall.inc.php.
OSVDB ID: 26815: Bee-hive Lite conad/include/rootGui.inc.php header Variable Remote File Inclusion
OSVDB ID: 26816: Bee-hive Lite conad/changeEmail.inc.php mysqlCall Variable Remote File Inclusion
OSVDB ID: 26817: Bee-hive Lite conad/changeUserDetails.inc.php mysqlCall Variable Remote File Inclusion
OSVDB ID: 26818: Bee-hive Lite conad/checkPasswd.inc.php mysqlCall Variable Remote File Inclusion
OSVDB ID: 26819: Bee-hive Lite conad/login.inc.php mysqlCall Variable Remote File Inclusion
OSVDB ID: 26820: Bee-hive Lite conad/logout.inc.php mysqlCall Variable Remote File Inclusion
OSVDB ID: 26821: Bee-hive Lite conad/include/mysqlCall.inc.php config Variable Remote File Inclusion
OSVDB ID: 26822: Bee-hive Lite include/listall.inc.php mysqlcall Variable Remote File Inclusion
OSVDB ID: 26823: Bee-hive Lite include/rootGui.inc.php header Variable Remote File Inclusion
OSVDB ID: 26824: Bee-hive Lite show/index.php prefix Variable Remote File Inclusion
SA20814: Bee-hive Lite Multiple File Inclusion Vulnerabilities
VUPEN/ADV-2006-2516: Bee-hive Lite Multiple Parameter Handling Remote PHP File Inclusion Vulnerabilities

Platforms Affected:

MagNet WebPublishing Pvt. Bee-hive Lite 1.2

Reported:

Jun 26, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page