PDA

View Full Version : Security Bug, already a solution for this ?


Yabah
06-30-2006, 06:10 PM
There has been found/reported the following high-risk securitybug.

http://www.securityfocus.com/bid/18509/info


PHP Live Helper Initiate.PHP Remote File Include Vulnerability

Bugtraq ID: 18509
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Jun 19 2006 12:00AM
Updated: Jun 20 2006 04:05PM
Credit: SnIpEr_SA is credited with the discovery of this vulnerability.
Vulnerable: PHP Live Helper PHP Live Helper 2.0. Beta
PHP Live Helper PHP Live Helper 2.0
PHP Live Helper PHP Live Helper 1.5



PHP Live Helper is prone to a remote file-include vulnerability.

An attacker can exploit this issue to include an arbitrary remote file containing
malicious PHP code and execute it in the context of the webserver process.
This may allow the attacker to compromise the application and the underlying system;
other attacks are also possible.


http://www.example.com/[livehelperpath]/initiate.php?abs_path=[evil_scripts]


Is here already a fix or patch for available ?


It would be nice to have a fix also for the older versions from 1.5 to 1.8 because some persons like that layout more and don't need the features of the 2.0 version.







.
TurnkeyAdmin
07-01-2006, 12:04 AM
THere is already a fix for 1.8 and its in the form of 1.8.1, we sent out newsletters months ago about this. Also, 2.0 final is not affected, simply download the latest version.
Yabah
07-01-2006, 04:19 AM
Why is the fix not displayed here on the forum or in the bugtrace ? I have searched very well about this problem and it seems that everyone only reports the bug and noone knows about any fix.

As I said before, what about earlier versions than 1.8 ?

Is it not a good idea to publish the fix openwith ?
TurnkeyAdmin
07-01-2006, 05:10 PM
We emailed everyone the day we learned of the issue which was a few months ago. Unless you are not getting our newletters by choice or otherwise then you should already know of the fix. Any version prior to 1.8 needs to be at least upgraded to 1.8.1 which is 1.8 with the patch applied. By the way, there was a post in the bug sections regarding the matter that was up for at least a month before we deleted the bugs sections for each software application as we implimented a new bug tracker.