MA-211.012010: MyCERT Alert - e107 Code Execution Vulnerability
Date published: 2010-01-26

1.0 Introduction

A critical vulnerability has been identified in the e107 content management system. Using a POST request, an attacker can trick the class2.php file into including arbitrary PHP code in a generated configuration file. Combined with the ability to save files on the server, this allows unauthenticated users to execute arbitrary PHP code.

2.0 Impact

An attacker can exploit this vulnerability to inject and execute arbitrary malicious PHP code in the web server process. This may facilitate a compromise of the application and the underlying system, unauthorized disclosure of information, unauthorized modification, and disruption of service.

3.0 Affected Products

4.0 Recommendation

MyCERT highly recommends that users of this application reinstall version 0.7.17 of the e107 content management system from the following URL:

Please consider comparing the MD5 sum of the downloaded packages against the values below:
- e107_v0.6175_to_v0.7.17_upgrade.tar.gz = 6e56d913d13677d2f577289697dfa2e5
- e107_v0.6175_to_v0.7.17_upgrade.zip = 048c4518c81c0211c9eedff811fea25e
- e107_v0.7.16_to_v0.7.17_upgrade.tar.gz = 0ddc3f588d70f7c238b7e94d31a7d25c
- e107_v0.7.16_to_v0.7.17_upgrade.zip = 94d7f82b4bcc109e2df6c60a03bb4162
- e107_v0.7.17_full.tar.gz = 447cc35e0edbaa5a5a2cdc90ad211a59
- e107_v0.7.17_full.zip = e617974c32afe22647120849c7f1abb5
- e107_v0.7.x_to_v0.7.17_upgrade.tar.gz = 07a1c7cedb6c4e86a8a4faf220fcfaa1
- e107_v0.7.x_to_v0.7.17_upgrade.zip = d4d070840c0f28edfb11453ee5410a0d
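The following POSIX shell script is an added example (not MyCERT's or the e107 project's code) that automates the MD5 comparison recommended above. It embeds the package names and sums exactly as listed in this advisory, looks up the expected sum by the downloaded file's name, computes the file's MD5 with whichever tool is available, and reports OK, MISMATCH or UNKNOWN. The function names and the temporary-file handling are this example's own choices.

```shell
#!/bin/sh
# verify_e107.sh: compare downloaded e107 0.7.17 packages against the MD5
# sums published in MyCERT alert MA-211.012010. Added example, not advisory code.

# Expected sums copied from the advisory, one "filename md5" pair per line.
E107_EXPECTED_MD5='
e107_v0.6175_to_v0.7.17_upgrade.tar.gz 6e56d913d13677d2f577289697dfa2e5
e107_v0.6175_to_v0.7.17_upgrade.zip 048c4518c81c0211c9eedff811fea25e
e107_v0.7.16_to_v0.7.17_upgrade.tar.gz 0ddc3f588d70f7c238b7e94d31a7d25c
e107_v0.7.16_to_v0.7.17_upgrade.zip 94d7f82b4bcc109e2df6c60a03bb4162
e107_v0.7.17_full.tar.gz 447cc35e0edbaa5a5a2cdc90ad211a59
e107_v0.7.17_full.zip e617974c32afe22647120849c7f1abb5
e107_v0.7.x_to_v0.7.17_upgrade.tar.gz 07a1c7cedb6c4e86a8a4faf220fcfaa1
e107_v0.7.x_to_v0.7.17_upgrade.zip d4d070840c0f28edfb11453ee5410a0d
'

# md5_of FILE: print the lowercase hex MD5 digest of FILE.
# Uses md5sum (coreutils) or falls back to openssl; returns 2 if neither exists.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    elif command -v openssl >/dev/null 2>&1; then
        # openssl prints "MD5(file)= <hex>"; the digest is the last field.
        openssl dgst -md5 "$1" | awk '{print $NF}'
    else
        echo "no MD5 tool (md5sum or openssl) found" >&2
        return 2
    fi
}

# expected_md5 NAME: print the advisory's MD5 for package NAME, or nothing if unlisted.
expected_md5() {
    printf '%s\n' "$E107_EXPECTED_MD5" | awk -v n="$1" '$1 == n {print $2}'
}

# check_md5 FILE WANT: return 0 if FILE's MD5 equals WANT, 1 otherwise.
check_md5() {
    got=$(md5_of "$1") || return 2
    if [ "$got" = "$2" ]; then
        echo "OK       $(basename "$1")"
        return 0
    fi
    echo "MISMATCH $(basename "$1"): expected $2, got $got" >&2
    return 1
}

# verify_e107_package FILE: look up FILE's basename in the advisory list and
# compare. Returns 0 on match, 1 on mismatch or if the name is not listed.
verify_e107_package() {
    name=$(basename "$1")
    want=$(expected_md5 "$name")
    if [ -z "$want" ]; then
        echo "UNKNOWN  $name: not listed in the advisory" >&2
        return 1
    fi
    check_md5 "$1" "$want"
}

# Usage: sh verify_e107.sh e107_v0.7.17_full.tar.gz [more packages ...]
# Exit status is non-zero if any package fails verification.
status=0
for f in "$@"; do
    verify_e107_package "$f" || status=1
done
exit $status
```

Run it from the directory holding the downloads; because the lookup keys on the file's basename, keep the original package names as published. A MISMATCH or UNKNOWN result means the archive should not be unpacked onto the server.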

MyCERT can be reached at:
E-mail : mycert@mycert.org.my
Phone : +603 89926969 (monitored during business hours)
Fax : +603 89453442
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : +60 19 2813801 (24x7 SMS reporting)
Business Hours : Mon - Fri 08:30 - 17:30 MYT
Web: http://www.mycert.org.my

5.0 References