Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Gentoo: GLSA-200605-04 Normal: phpWebSite Remote Code Execution Risk

gentoo
Calendar Grey May 2, 2006
Dist Gentoo Esm H88
Gentoo Linux Security Announcement GLSA 202305-12 highlights vulnerabilities in phpWebSite pertaining to local file inclusion, which can lead to unauthorized remote code execution.
Remote attackers can include local files which may lead to the execution of arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200605-04 https://security.gentoo.org/ Severity: Normal Title: phpWebSite: Local file inclusion Date: May 02, 2006 Bugs: #130295 ID: 200605-04

Synopsis ======= Remote attackers can include local files which may lead to the execution of arbitrary code.
Background ========= phpWebSite provides a complete web site content management system.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-apps/phpwebsite < 0.10.2 >= 0.10.2
========== rgod has reported that the "hub_dir" parameter in "index.php" isn't properly verified. When "magic_quotes_gpc" is disabled, this can be exploited to include arbitrary files from local ressourc...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory software update remote code execution Gentoo Linux normal local file inclusion phpWebSite

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory software update remote code execution Gentoo Linux normal local file inclusion phpWebSite

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here