Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 6.4
CVE Id CVE-2006-2330
Last Modified 07 Mar 2011 09:35:58
Published 11 May 2006 08:02:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2330

Summary

PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types by using a filename that contains two or more extensions and ends in an assumed-valid extension such as .gif, which bypasses the validation, as demonstrated by uploading and then executing an avatar file that ends in ".php.gif" and contains PHP code in EXIF metadata.
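The weakness the summary describes is a validator that inspects only the trailing extension, while a server such as Apache with mod_mime can act on every extension in the name. The following is an added illustration written for this entry; it is not PHP-Fusion's code nor anything published by Lumension. It contrasts a trailing-extension check with a hardened one that accepts exactly one extension from an allow-list and discards the client-supplied name when storing the file. The allow-list, the stem pattern and the token argument are assumptions made for the example.

```python
import os
import re
from typing import Optional

# Constructed allow-list for an avatar upload (example assumption, not PHP-Fusion's own).
ALLOWED_IMAGE_EXTENSIONS = frozenset({"gif", "jpg", "jpeg", "png"})

# Stems are restricted to a small safe character set (assumption for this example).
_SAFE_STEM = re.compile(r"[a-z0-9_-]{1,64}")


def weak_check(filename: str) -> bool:
    """Validation of the kind the advisory describes: only the last extension is inspected.

    'avatar.php.gif' passes because it ends in '.gif', even though mod_mime can
    still route the file to the PHP handler because of the '.php' component.
    """
    ext = filename.lower().rsplit(".", 1)[-1]
    return ext in ALLOWED_IMAGE_EXTENSIONS


def hardened_check(filename: str) -> bool:
    """Accept only '<stem>.<ext>' with exactly one extension from the allow-list.

    Every dot-separated component after the stem counts as an extension, so a
    multi-extension name such as 'avatar.php.gif' is rejected outright.
    """
    # Strip any directory component the client may have sent (either separator).
    base = os.path.basename(filename.replace("\\", "/")).lower()
    parts = base.split(".")
    if len(parts) != 2:
        return False
    stem, ext = parts
    return bool(_SAFE_STEM.fullmatch(stem)) and ext in ALLOWED_IMAGE_EXTENSIONS


def stored_name(filename: str, token: str) -> Optional[str]:
    """Return the server-chosen name to store the upload under, or None if rejected.

    The client-supplied stem is discarded; only the validated extension survives,
    so the name written to disk is '<token>.<ext>'. The token is caller-supplied
    here to keep the function deterministic; in production it would be random.
    """
    if not hardened_check(filename):
        return None
    ext = filename.lower().rsplit(".", 1)[-1]
    return f"{token}.{ext}"


GIF_MAGIC = (b"GIF87a", b"GIF89a")


def has_gif_header(data: bytes) -> bool:
    """Magic-byte check on the upload body.

    Necessary but not sufficient: the advisory's payload sits in image metadata,
    so a file can be a genuine GIF and still carry script code. The filename and
    storage rules above, plus a no-execute upload directory, are what prevent it
    from ever being handed to an interpreter.
    """
    return data[:6] in GIF_MAGIC


if __name__ == "__main__":
    for name in ("avatar.gif", "avatar.php.gif", "../avatar.gif", ".gif"):
        print(f"{name:18} weak={weak_check(name)!s:5} hardened={hardened_check(name)}")
```

The design point is that the hardened path never lets the client's name reach the filesystem: the stem is replaced by a server token and the single validated extension is the only part retained, so Apache never sees a ".php" component regardless of what was submitted.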

Vulnerable Systems

Application

  • Php Fusion 6.00.105

  • Php Fusion 6.00.106

  • Php Fusion 6.00.107

  • Php Fusion 6.00.109

  • Php Fusion 6.00.110

  • Php Fusion 6.00.204

  • Php Fusion 6.00.206

  • Php Fusion 6.00.3

  • Php Fusion 6.00.303

  • Php Fusion 6.00.304

  • Php Fusion 6.00.306


References

CONFIRM - http://www.php-fusion.co.uk/news.php

SECUNIA - 19992

VUPEN - ADV-2006-1735

BID - 17898

BUGTRAQ - 20060508 PHPFusion <= v6.00.306 avatar mod_mime arbitrary file upload & local inclusion vulnerabilities

XF - phpfusion-avatar-extensions-code-execution(26388)

OSVDB - 25537

SREASON - 873


Last Updated: 27 May 2016 10:42:26