eAccelerator encoder files backup Vulnerability

2009-07-02 / 2009-07-03

Credit: linuxrootkit2008

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2009-2353

CWE: CWE-94

CVSS Base Score: 6.8/10

Impact Subscore: 6.4/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

 eAccelerator encoder files backup Vulnerability
1.Description
eAccelerator is a free open-source PHP accelerator, optimizer, and dynamic content cache. It increases the performance of PHP scripts by caching them in their compiled state, so that the overhead of compiling is almost completely eliminated. It also optimizes scripts to speed up their execution. eAccelerator typically reduces server load and increases the speed of your PHP code by 1-10 times.
2. The Vulnerability
eAccelerator has a function which encode php source in encoder.php.
You can backup all system files to specify directory or specify files.Of course you can upload image to Web Server and backup it to the web directory
so you can ...........
3.II. Disclosure Timeline
2009/06/29 Vendor contact.
2009/06/30 Public Disclosure.
4. Thanks
all of Whitehat Community's friend && Great Milw0rm!
2009/06/30 by cnbird
Sorry my bad english!

References:

http://www.securityfocus.com/archive/1/archive/1/504695/100/0/threaded

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

eAccelerator encoder files backup Vulnerability

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.