Xaraya <= 1.0.0 RC4 D.O.S / file corruption

2005.12.01
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-Other


CVSS Base Score: 5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

Xaraya <= 1.0.0 RC4 D.O.S / file corruption software: site: http://www.xaraya.com description: "Xaraya 1.0 Core is an Open Source web application framework written in PHP" vulnerable code in create() function in xarMLSXML2PHPBackend.php: i) you can create an empty dir, in some cases this leads to D.O.S. condition,poc: http://[target]/[path_to_xaraya]/index.php?module=../../../../.key.php http://[target]/[path_to_xaraya]/index.php?module=../../../../../.htacce ss ii) you can overwite any file on target system, using null char example, D.O.S, overwriting a system file: http://[target]/[path_to_xaraya]/index.php?module=../../../../config.sys tem.php%00 this could lead to remode code execution condition even, if a user overwrite some file where an inclusion path is defined rgod site: http://rgod.altervista.org mail: retrogod at aliceposta it original advisory: http://rgod.altervista.org/xaraya1DOS.hmtl


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top