You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 261 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
PHP-Nuke admin.php security hole - PATCHED
SecurityRecently a security hole was announced in reference to an admin.php exploit where anyone can obtain PHP-Nuke administrator access. I've tested my patch the past couple days both here and at all the other sites with success. Its a quite simple patch in fact, here it is...

click here to see the code

This patch must be applied at the beginning of your admin.php code in order to be effective. It will also be implemented at our CVS site: cvs.nukecops.com tomorrow.

Admin Note: CVS file updated, code moved to a forum post as Nuke's filtering messes it if posted here.
Posted on Sunday, October 12 @ 22:37:44 CEST by Zhen-Xjell
 
Related Links
· Computer Cops
· More about Security
· News by Zhen-Xjell


Most read story about Security:
PHP-Nuke admin.php security hole - PATCHED

Article Rating
Average Score: 2
Votes: 2


Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad


Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend

Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

Re: PHP-Nuke admin.php security hole - PATCHED (Score: 1)
by SuperCat on Sunday, October 12 @ 23:34:33 CEST
(User Info | Send a Message)
pasting that code into admin.php causes an error on this line:

if (preg_match("/?admin/", "$url")) {

Something about "nothing to compare to"



And how about this security hole in mailattach.php? (Score: 1)
by chris on Monday, October 13 @ 02:37:49 CEST
(User Info | Send a Message) http://www.karakas-online.de
From http://www.secunia.com/advisories/9954/ :

A vulnerability has been reported in PHP-Nuke allowing malicious users to upload and execute arbitrary files.

The vulnerability is caused due to the "mailattach.php" script in the WebMail part not verifying path information in the "userfile_name" parameter and the "modules.php" script allowing people to supply arbitrary files in the "file" parameter.

These two problems can combined be exploited to execute arbitrary code on a vulnerable system.

Example:
1) Upload a file where the "userfile_name" parameter is set to "../../AvantGo/language/evil.php".
2) Execute it using: /modules.php?name=AvantGo&file=language/evil

The vulnerability has been reported to affect PHP-Nuke on the Windows platform only.


Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.033 Seconds - 234 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::