Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 5.1
CVE Id CVE-2006-2516
Last Modified 03 Oct 2011 12:00:00
Published 22 May 2006 06:02:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-2516

Summary

mainfile.php in XOOPS 2.0.13.2 and earlier, when register_globals is enabled, allows remote attackers to overwrite variables such as $xoopsOption['nocommon'] and conduct directory traversal attacks or include PHP files via (1) xoopsConfig[language] to misc.php or (2) xoopsConfig[theme_set] to index.php, as demonstrated by injecting PHP sequences into a log file.

Vulnerable Systems

Application

  • Xoops 2.0

  • Xoops 2.0.1

  • Xoops 2.0.10

  • Xoops 2.0.11

  • Xoops 2.0.12 Jp

  • Xoops 2.0.13.1

  • Xoops 2.0.13.2

  • Xoops 2.0.2

  • Xoops 2.0.3

  • Xoops 2.0.4

  • Xoops 2.0.5

  • Xoops 2.0.5.1

  • Xoops 2.0.5.2

  • Xoops 2.0.6

  • Xoops 2.0.7

  • Xoops 2.0.9

  • Xoops 2.0.9.2

  • Xoops 2.0.9.3


References

VUPEN - ADV-2006-1895

BID - 18061

BUGTRAQ - 20060521 XOOPS <= 2.0.13.2 'xoopsOption[nocommon]' exploit

OSVDB - 25683

SREASON - 934

SECUNIA - 20176

MILW0RM - 1811


Last Updated: 27 May 2016 10:42:39