NukeCops  
PHP-Nuke Script Insertion Vulnerabilities
Securitymanunkind1 writes "Janek Vind "waraxe" has reported some vulnerabilities in PHP-Nuke, allowing malicious people to conduct script insertion attacks. The problem is that certain parameters such as the "img" tags allow URLs to be specified. These URLs can contain references to administrative functions, which will be executed when an administrative user reads a forum posting or a u2u message with a malicious "img" tag. An example has been published, which will add a new administrative user. The vulnerabilities have been reported in version 7.10 and prior.

Solution:
A possible workaround is to change the URL for administrative functions to contain a secret and random path. Note this is imperfect and may be revealed using a similar technique. Edit the source code to disallow the use of the "img" tag. Use another product.
http://secunia.com/advisories/11195/

Admin Note: Discovered a while ago and has been fixed by both Zhen and a forum member."
Posted on Wednesday, March 24 @ 15:20:43 CET by Daniel-cmw
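The advisory's secret-path workaround only hides the admin URL; the underlying problem is that a state-changing admin function runs on any request the admin's browser happens to make, including the GET that an <img> tag in a forum post triggers. The following is an added example, not PHP-Nuke's code and not the published fix: a per-session anti-CSRF token checked by a hypothetical admin_add_user() action. The helper names (csrf_token, csrf_request_is_valid, admin_add_user, admin_add_user_form) and the op name AddAdmin are assumptions for illustration. An image load can only make the browser issue a GET to a URL the poster chose; it cannot read the admin's session or attach a token it does not know, so the forged request is refused while the admin's own form submission is accepted.

```php
<?php
// Added example, not PHP-Nuke code: a per-session anti-CSRF token for
// state-changing admin actions. Helper and op names are hypothetical.

if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

// Issue one random token per session and reuse it for the session's lifetime.
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Accept only a POST that carries a token equal (in constant time) to the
// session token. An <img src="..."> load is always a GET with no token.
function csrf_request_is_valid(string $method, array $params, string $expected): bool {
    if ($method !== 'POST') {
        return false;
    }
    $supplied = $params['csrf_token'] ?? '';
    return is_string($supplied) && $supplied !== '' && hash_equals($expected, $supplied);
}

// Hypothetical admin action: the user is only created after the check passes.
function admin_add_user(string $method, array $params): string {
    if (!csrf_request_is_valid($method, $params, csrf_token())) {
        return 'rejected';
    }
    // A real implementation would insert the account here.
    return 'added ' . ($params['name'] ?? '');
}

// The legitimate admin form carries the token as a hidden field.
function admin_add_user_form(): string {
    $t = htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="admin.php?op=AddAdmin">'
         . '<input type="hidden" name="csrf_token" value="' . $t . '">'
         . '<input name="name"><button>Add</button></form>';
}

// Constructed requests: what a malicious <img> tag produces versus a real
// form submission by the logged-in admin.
$forged = ['op' => 'AddAdmin', 'name' => 'evil'];
$legit  = ['op' => 'AddAdmin', 'name' => 'bob', 'csrf_token' => csrf_token()];

echo admin_add_user('GET',  $forged), "\n";   // the <img> load
echo admin_add_user('POST', $forged), "\n";   // a forged POST without the token
echo admin_add_user('POST', $legit),  "\n";   // the admin's own form
echo admin_add_user_form(), "\n";
```

Requiring POST alone is not sufficient (a hidden auto-submitting form can produce a POST from the admin's browser); the token is what the forging page cannot obtain, which is why the two checks are combined. This closes the hole regardless of whether forum posts are filtered, so it complements rather than replaces the img-tag filter discussed in the comments.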
 
Re: PHP-Nuke Script Insertion Vulnerabilities (Score: 1)
by Johan1982 on Wednesday, March 24 @ 17:13:32 CET
Specifically, where can we find the fix?



Re: PHP-Nuke Script Insertion Vulnerabilities (Score: 1)
by Daniel-cmw on Wednesday, March 24 @ 17:25:46 CET
http://www.nukecops.com/postlite25444-.html



Re: PHP-Nuke Script Insertion Vulnerabilities (Score: 1)
by chatserv on Thursday, March 25 @ 00:15:40 CET
http://nukeresources.com
This is not the same admin.php vulnerability. Recently the img tag was removed from the disallowed tags in mainfile.php on versions 7.0, 7.1 and 7.2; I suggest re-adding it until code is added to validate the img tag.
In mainfile.php find:
(eregi("<[^>]*form*\"?[^>]*>", $secvalue)) ||

under it add:
(eregi("<[^>]*img*\"?[^>]*>", $secvalue)) ||
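To see what the re-added line actually filters, here is an added example (not PHP-Nuke's mainfile.php and not chatserv's code) that ports the pattern from eregi(), which no longer exists in PHP 7 and later, to preg_match() and runs it over constructed sample post bodies. The regex semantics deserve a check: in `<[^>]*img*\"?[^>]*>` the fragment `img*` means "im" followed by zero or more "g", so the blacklist rejects any tag whose text contains "im" anywhere, not only <img>. The stricter pattern and the function names (blocks_img_loose, blocks_img_strict, request_value_allowed) are my assumptions, and EXAMPLE_OP is a placeholder, not a real admin op.

```php
<?php
// Added example, not PHP-Nuke code: the img-tag blacklist from the comment
// above ported to preg_match(), beside a tighter pattern, run on constructed inputs.

// Direct port of the eregi() pattern "<[^>]*img*\"?[^>]*>" (case-insensitive).
// "img*" is "im" then zero or more "g", so any tag containing "im" is rejected.
function blocks_img_loose(string $secvalue): bool {
    return preg_match('/<[^>]*img*"?[^>]*>/i', $secvalue) === 1;
}

// Assumed tighter form: the tag name "img" at a tag boundary, any attributes,
// optional whitespace after "<" (browsers do not accept "< img", but it costs
// nothing to reject it as well).
function blocks_img_strict(string $secvalue): bool {
    return preg_match('/<\s*img\b[^>]*>/i', $secvalue) === 1;
}

// Mirrors the mainfile.php behaviour of refusing the whole request value when
// a blacklisted tag is present (the original calls die(); this returns false).
function request_value_allowed(string $secvalue): bool {
    return !blocks_img_strict($secvalue);
}

// Constructed sample post bodies; EXAMPLE_OP is a placeholder op name.
$samples = [
    'plain text, no markup',
    '<img src="admin.php?op=EXAMPLE_OP">',
    '<IMG SRC=admin.php?op=EXAMPLE_OP>',
    '< img src=x>',
    '<input name="limit">',   // contains "im" inside a tag: loose pattern rejects it
];

foreach ($samples as $s) {
    printf("%-40s loose=%s strict=%s allowed=%s\n",
        $s,
        blocks_img_loose($s) ? 'block' : 'allow',
        blocks_img_strict($s) ? 'block' : 'allow',
        request_value_allowed($s) ? 'yes' : 'no');
}
```

Both patterns stop the advisory's <img src="admin.php?op=..."> case, including upper-case tags. The loose port also rejects the harmless `<input name="limit">` because "limit" contains "im", which is the kind of false positive a tag blacklist in mainfile.php produces; the stricter pattern avoids that while still refusing every spelling of an img tag. Either way, the filter only protects posts that pass through this check, so it belongs alongside a request-side defence for the admin functions themselves.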

