FUDforum < 2.7.1 Avatar Upload Extension Validation Weakness Arbitrary Code Execution

medium Nessus Plugin ID 19520

Synopsis

The remote web server contains a PHP application that allows for arbitrary code execution.

Description

The remote host is running FUDforum, an open source web forum written in PHP.

According to its banner, the version of FUDforum installed on the remote host may allow an authenticated attacker to upload a file containing arbitrary PHP code as an avatar image and later run that code with the privileges of the web server user ID.

Solution

Upgrade to FUDforum 2.7.1 or later.

See Also

https://seclists.org/bugtraq/2005/Aug/392

http://fudforum.org/forum/index.php?t=msg&th=5470&start=0&

Plugin Details

Severity: Medium

ID: 19520

File Name: fudforum_avatar_upload.nasl

Version: 1.21

Type: remote

Family: CGI abuses

Published: 8/29/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:ilia_alshanetsky:fudforum

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 8/23/2005

Reference Information

CVE: CVE-2005-2781

BID: 14678