Overview
PHP-Nuke has an input-validation vulnerability that can lead to execution of arbitrary PHP code hosted on another web server.
Description
PHP-Nuke is a tool designed to ease web site creation and maintenance. PHP-Nuke includes a script named index.php, which uses PHP's include() function to execute a PHP file specified in the CGI variable named "file." If supplied an HTTP URL, PHP's include() function will request the file from web server as shown in the URL. Since the index.php script does not check if the "file" variable contains an HTTP URL before including the file, it can be made to execute arbitrary PHP code from any reachable web server. |
Impact
A remote attacker can force the server to run arbitrary PHP source code, with the user same privileges as the PHP server process on the victim host. |
Solution
Apply a patch Upgrade to version 5.5 or later of PHP-Nuke. |
Change PHP configuration |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
Thanks to Nopman for reporting this vulnerability.
This document was written by Shawn Van Ittersum.
Other Information
| CVE IDs: | CVE-2002-0206 |
| Severity Metric: | 5.40 |
| Date Public: | 2002-01-16 |
| Date First Published: | 2002-09-16 |
| Date Last Updated: | 2002-09-16 22:10 UTC |
| Document Revision: | 14 |