icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Mambo / Joomla Component / Module mosConfig_absolute_path Parameter Remote File Inclusion

Medium

Synopsis

The remote web server contains a PHP application that is prone to remote file inclusion attacks.

Description

The remote host contains a third-party Mambo / Joomla component or module. The version of at least one such component or module installed on the remote host fails to sanitize input to the 'mosConfig_absolute_path' parameter before using it to include PHP code. Provided PHP's 'register_globals' setting is enabled, an unauthenticated attacker may be able to exploit these flaws to view arbitrary files on the remote host or to execute arbitrary PHP code, possibly taken from third-party hosts.

Solution

Disable PHP's 'register_globals' setting. Upgrade or patch according to vendor recommendations.

See Also

http://www.securityfocus.com/archive/1/439035/30/0/threaded
http://www.securityfocus.com/archive/1/439451/30/0/threaded
http://www.securityfocus.com/archive/1/439618/30/0/threaded
http://www.securityfocus.com/archive/1/439963/30/0/threaded
http://www.securityfocus.com/archive/1/439997/30/0/threaded
http://www.securityfocus.com/archive/1/440881/30/0/threaded
http://www.securityfocus.com/archive/1/441533/30/0/threaded
http://www.securityfocus.com/archive/1/441538/30/0/threaded
http://www.securityfocus.com/archive/1/441541/30/0/threaded
http://www.securityfocus.com/archive/1/444425/30/0/threaded
http://packetstormsecurity.org/0607-exploits/smf.txt
http://isc.sans.org/diary.php?storyid=1526
http://www.milw0rm.com/exploits/1959
http://www.milw0rm.com/exploits/2020
http://www.milw0rm.com/exploits/2023
http://www.milw0rm.com/exploits/2029
http://www.milw0rm.com/exploits/2083
http://www.milw0rm.com/exploits/2089
http://www.milw0rm.com/exploits/2125
http://www.milw0rm.com/exploits/2196
http://www.milw0rm.com/exploits/2205
http://www.milw0rm.com/exploits/2206
http://www.milw0rm.com/exploits/2207
http://www.milw0rm.com/exploits/2214
http://www.milw0rm.com/exploits/2367
http://www.milw0rm.com/exploits/2613
http://www.milw0rm.com/exploits/3567
http://www.milw0rm.com/exploits/3703
http://www.milw0rm.com/exploits/3753
http://www.milw0rm.com/exploits/4497
http://www.milw0rm.com/exploits/4507
http://www.milw0rm.com/exploits/4521
http://www.milw0rm.com/exploits/5020
http://www.milw0rm.com/exploits/5497
http://www.milw0rm.com/exploits/6003
http://www.milw0rm.com/exploits/7038
http://www.milw0rm.com/exploits/7039
http://www.milw0rm.com/exploits/7040
http://milw0rm.com/exploits/1959