[SA10783] X-Cart Multiple Vulnerabilities
From: Secunia Security Advisories (sec-adv secunia.com)
Date: Wed Feb 04 2004 - 06:14:56 CST
TITLE:
X-Cart Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA10783
VERIFY ADVISORY:
http://www.secunia.com/advisories/10783/
CRITICAL:
Highly critical
IMPACT:
Exposure of sensitive information, System access
WHERE:
From remote
SOFTWARE:
Qualiteam X-Cart 3.x
DESCRIPTION:
Philip has reported three vulnerabilities in X-Cart, where the most
serious can be exploited by malicious people to compromise a
vulnerable system.
It is possible to pass arbitrary values to the "perl_binary"
parameter in "upgrade.php" and "general.php". This can be exploited
to supply a path to any system command including parameters.
The content of arbitrary files can be viewed due to an input
validation error in the "auth.php" script. This can be exploited by
supplying a string containing the classic directory traversal
character sequence "../" to the "shop_closed_file" parameter.
The "general.php" script can be used to view "phpinfo()" output by
setting the "mode" parameter to "phpinfo".
The vulnerabilities have been reported in version 3.4.3. Other
versions may also be affected.
SOLUTION:
Use another product.
PROVIDED AND/OR DISCOVERED BY:
Philip, MagicWebSolutions.
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.
Subscribe:
http://www.secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://www.secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
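Added example (not part of the Secunia advisory or of X-Cart): a log check for the three request patterns described above, for operators who want to review web server access logs on an affected install. The log lines, the /shop/ and /shop/admin/ paths and the EXAMPLE values are constructed; only the script and parameter names come from the advisory, and the check assumes the parameters arrive in the query string.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed access-log lines: addresses, paths and parameter values are
# made up for this example; only script and parameter names are from the advisory.
SAMPLE_LOG = [
    '192.0.2.10 - - [04/Feb/2004:06:20:01 -0600] "GET /shop/home.php?cat=12 HTTP/1.0" 200 5120',
    '192.0.2.44 - - [04/Feb/2004:06:21:13 -0600] "GET /shop/admin/general.php?mode=phpinfo HTTP/1.0" 200 40213',
    '192.0.2.44 - - [04/Feb/2004:06:21:40 -0600] "GET /shop/auth.php?shop_closed_file=%2e%2e%2f%2e%2e%2fEXAMPLE HTTP/1.0" 200 812',
    '192.0.2.44 - - [04/Feb/2004:06:22:05 -0600] "GET /shop/admin/upgrade.php?perl_binary=EXAMPLE HTTP/1.0" 200 77',
    '192.0.2.10 - - [04/Feb/2004:06:23:00 -0600] "GET /shop/admin/general.php?mode=EXAMPLE HTTP/1.0" 200 900',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def classify(line):
    """Return the advisory findings that one access-log line matches."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    script = url.path.rsplit("/", 1)[-1].lower()
    params = parse_qs(url.query, keep_blank_values=True)  # decodes %xx once
    findings = []
    # 1. A client should never be choosing the Perl interpreter path.
    if script in ("upgrade.php", "general.php") and "perl_binary" in params:
        findings.append("perl_binary supplied by client")
    # 2. "../" in shop_closed_file; decode a second time for double encoding.
    values = params.get("shop_closed_file", [])
    if script == "auth.php" and any("../" in unquote(v).replace("\\", "/") for v in values):
        findings.append("directory traversal in shop_closed_file")
    # 3. phpinfo() output requested through the mode parameter.
    modes = [v.lower() for v in params.get("mode", [])]
    if script == "general.php" and "phpinfo" in modes:
        findings.append("phpinfo() disclosure via mode")
    return findings

def scan(lines):
    """Return (line_number, finding) pairs for every matching line."""
    return [(n, f) for n, line in enumerate(lines, 1) for f in classify(line)]

if __name__ == "__main__":
    for lineno, finding in scan(SAMPLE_LOG):
        print(f"line {lineno}: {finding}")
```

Parameters sent in a POST body or cookie do not appear in a standard access log, so an empty result from this check does not rule out the requests described in the advisory.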