Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> CGI abuses >> RunCms bbPath Parameter Remote File Include Vulnerability


Vulnerability Assessment Details

RunCms bbPath Parameter Remote File Include Vulnerability

Vulnerability Assessment Summary
Checks for bbPath parameter remote file include vulnerability in RunCms

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote web server contains a PHP application that is susceptible
to remote file include attacks.

Description :

The remote host appears to be running RunCms, a content-management
system written in PHP.

The installed version of RunCms fails to validate user input to the
'bbPath' parameter of two scripts. An unauthenticated attacker may be
able to leverage this issue to view arbitrary files on the remote host
or to execute arbitrary PHP code, possibly taken from third-party
hosts.

Note that successful exploitation requires that PHP's
'register_globals' setting be enabled.

See also :

http://www.runcms.org/public/modules/news/

Solution :

Upgrade to RunCms 1.3a or later.

Network Security Threat Level:

Medium / CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Tenable Network Security

Cables, Connectors

Lot of 32 HP 405476-051 2GB 2Rx4 PC2-5300P 667MHz DDR2 ECC Server Memory Micron
$90.0
Lot of 32 HP 405476-051 2GB 2Rx4 PC2-5300P 667MHz DDR2 ECC Server Memory Micron pictureHP 16 (16x2GB) PC-3200R DDR-400 ECC REG Server Memory RAM 373030-051 379300-B21
$82.0
HP 16 (16x2GB) PC-3200R DDR-400 ECC REG Server Memory RAM 373030-051 379300-B21 pictureDell PowerEdge M610X 2x Quad Core Xeon X5680 3.3GHz 32GB No HDD
$349.99
Dell PowerEdge M610X 2x Quad Core Xeon X5680 3.3GHz 32GB No HDD pictureDell Poweredge R520
$245.0
Dell Poweredge R520 picture


Discussions

No Discussions have been posted on this vulnerability.