[Vtigercrm-developers] [CRITICAL] possible code injection vulnerability
Minnie
minnie at vtiger.com
Mon Jun 25 21:44:33 PDT 2007
Cc: vtigercrm-developers at lists.vtigercrm.com
In-Reply-To: <20070625141133.GE7548 at nibiru.local>
Dear weigelt,

It is better to give me the entire URL you've given. When I try to give module=Leads and action=foo, I get the warning message stating that

Warning: include(modules/Leads/foo.php) [function.include]: failed to open stream: No such file or directory in

I tested for other modules also. I got the same result. Kindly help me to reproduce this one.

Thanks & Regards,
Minnie.
----weigelt at metux.de wrote ----

Hi folks,

while playing around w/ URL parameters, I've found a probably
critical vulnerability:

The "action" parameter seems to go directly into the filename
for code loading (i.e. "action=foo" ends up in trying to load
"foo.php" within the module's subdir) !

We should fix this ASAP.

cu
--
---------------------------------------------------------------------
Enrico Weigelt == metux IT service
phone: +49 36207 519931 http://www: http://www.metux.de/
fax: +49 36207 519932 email: contact at metux.de
cellphone: +49 174 7066481
---------------------------------------------------------------------
-- DSL from 0 Euro. -- static IP -- UUCP -- Hosting -- Webshops --
---------------------------------------------------------------------
_______________________________________________
Reach hundreds of potential candidates - http://jobs.vtiger.com
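The pattern weigelt describes (a request parameter interpolated straight into an include path, so "action=foo" tries to load "foo.php" under the module directory) is shown below beside a hardened dispatcher. This is an added illustration written for this page, not vtiger's own code; the MODULES_DIR layout, the function names and the front-controller call at the bottom are assumptions. Note that the warning Minnie quotes already discloses the include path to the client, which the hardened version avoids by returning a generic error.

```php
<?php
// Added example, not code from vtiger CRM. Contrasts the include-by-parameter
// shape discussed in the thread with a validated, confined form.
declare(strict_types=1);

// Assumed layout: modules/<Module>/<action>.php relative to this file.
const MODULES_DIR = __DIR__ . '/modules';

// Vulnerable shape: whatever the caller supplies becomes part of the include path.
function load_action_unsafe(string $module, string $action): void
{
    include MODULES_DIR . "/$module/$action.php";
}

// Hardened: accept only strict identifier tokens, then resolve the path and
// confirm it still lies inside the module tree before including it.
function resolve_action(string $module, string $action): ?string
{
    $token = '/^[A-Za-z][A-Za-z0-9_]{0,63}$/';
    if (!preg_match($token, $module) || !preg_match($token, $action)) {
        return null;   // rejects '/', '..', '.', NUL bytes and empty strings
    }
    $base = realpath(MODULES_DIR);
    if ($base === false) {
        return null;   // module tree missing: nothing can be loaded
    }
    $file = realpath($base . DIRECTORY_SEPARATOR . $module . DIRECTORY_SEPARATOR . $action . '.php');
    if ($file === false) {
        return null;   // no such module/action file
    }
    // Belt and braces: a symlink inside modules/ must not lead outside it.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($file, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $file;
}

function load_action(string $module, string $action): void
{
    $file = resolve_action($module, $action);
    if ($file === null) {
        http_response_code(400);
        echo 'Unknown module or action';   // no filesystem path echoed back
        return;
    }
    include $file;
}

// Assumed front-controller usage, mirroring the URL parameters in the thread.
load_action((string)($_GET['module'] ?? ''), (string)($_GET['action'] ?? ''));
```

With the directory layout above in place, `module=Leads&action=foo` resolves to `modules/Leads/foo.php` only if that file actually exists under the module tree; any value that is not a plain identifier is refused before the filesystem is touched, and the client never sees the include path that the PHP warning in Minnie's test prints.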