AlphaOne Technology Support Forums
AlphaWolf
PostNuke Blocks Module "func" Directory Traversal Vulnerability
« on: May 17, 2005, 08:54:54 AM »

 FrSIRT Advisory : FrSIRT/ADV-2005-0553
CVE Reference : GENERIC-MAP-NOMATCH
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-05-17

 * Technical Description *

A vulnerability has been identified in PostNuke, which may be exploited by attackers to read arbitrary files outside of the webroot directory. This flaw is due to an input validation error in the Blocks Module when handling a specially crafted "func" variable containing "..\" sequences, which may be exploited remotely to conduct directory traversal attacks.

http://server/index.php?module=Blocks&type=lang&func=../dir

 * Affected Products *

PostNuke version 0.76-RC4 and prior

 * Solution *

Patches are available via CVS :
http://cvs.postnuke.com/viewcvs.cgi/Historic_PostNuke_Library/postnuke-devel/html/includes/pnMod.php.diff?r1=1.47&r2=1.48

http://cvs.postnuke.com/viewcvs.cgi/Historic_PostNuke_Library/postnuke-devel/html/index.php.diff?r1=1.39&r2=1.40

 * References *

http://www.frsirt.com/english/advisories/2005/0553

AlphaOne Tech Webmaster Resources
http://www.alphaone-tech.com/resources/
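
A defender-side check for the request pattern in the advisory above, added here as an example and not part of the original post or of PostNuke's code: it scans web server access logs for Blocks-module requests whose "func" parameter contains a ".." path segment, with either slash style and with or without percent-encoding. The log lines are constructed, and the Common Log Format layout and the case-insensitive module match are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (Common Log Format); not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [17/May/2005:09:01:12 +0000] "GET /index.php?module=Blocks&type=lang&func=../dir HTTP/1.0" 200 512
192.0.2.11 - - [17/May/2005:09:02:40 +0000] "GET /index.php?module=Blocks&type=admin&func=view HTTP/1.0" 200 2048
192.0.2.12 - - [17/May/2005:09:03:05 +0000] "GET /index.php?module=blocks&type=lang&func=%2e%2e%5cdir HTTP/1.0" 200 498
192.0.2.13 - - [17/May/2005:09:04:31 +0000] "GET /index.php?module=News&func=display&sid=..7 HTTP/1.0" 200 901
192.0.2.14 - - [17/May/2005:09:05:02 +0000] "GET /index.php?module=Blocks&func=%252e%252e%252fdir HTTP/1.0" 404 120
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')  # ".." as a whole path segment


def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so %252e%252e%252f is seen as ../"""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_traversal_requests(log_text):
    """Return (client, func, status) for Blocks requests whose func has a '..' segment."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        query = parse_qs(urlsplit(target).query, keep_blank_values=True)
        # Assumption: match the module name case-insensitively to stay conservative.
        modules = [v.lower() for v in query.get("module", [])]
        if "blocks" not in modules:
            continue
        for func in query.get("func", []):
            func = fully_decode(func)  # parse_qs already decoded one layer
            if TRAVERSAL_RE.search(func):
                hits.append((client, func, int(status)))
    return hits


if __name__ == "__main__":
    for hit in find_traversal_requests(SAMPLE_LOG):
        print(hit)
```

A hit with a 200 status on a pre-patch installation is the case worth following up first, since the response may have included file contents.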
songdove
Re: PostNuke Blocks Module "func" Directory Traversal Vulnerability
« Reply #1 on: May 21, 2005, 05:51:40 PM »

PostNuke released a patch that covers this, and several other vulnerabilities, yesterday, May 20th. It's available for download from their main downloads section of postnuke.com.

We sacrifice all that we are and all that we love for the greater good, the One above. Visit me at http://tribforcehq.com, http://tribkids.com, http://teshuvatrumpet.org, http://sswat.uni.cc, http://planetlogos.now.nu
AlphaWolf
Re: PostNuke Blocks Module "func" Directory Traversal Vulnerability
« Reply #2 on: May 22, 2005, 08:14:29 AM »

Thanks for letting us know, Songdove.