Page 1 of 1
[ABANDONED] Sitemap 2.0.0 for Mambo 4.5.1 Remote File Include Vulnerabilities
Posted: Wed Jul 12, 2006 3:10 pm
by gustavo
Re: Sitemap 2.0.0 for Mambo 4.5.1 CMS Remote File Include Vulnerabilities
Posted: Wed Jul 12, 2006 3:55 pm
by Peter Koch
Apperently also joommap 2.05 has this construct (vulnerability yet unconfirmed)
No, everything seems clean in joommap 2.0.5.
I can however confirm the issue with sitemap 2.0.0
Re: Sitemap 2.0.0 for Mambo 4.5.1 CMS Remote File Include Vulnerabilities
Posted: Fri Jul 14, 2006 12:56 pm
by gustavo
and two days after, the official report on secutiry related sites..
Advisory ID : FrSIRT/ADV-2006-2803
CVE ID : GENERIC-MAP-NOMATCH
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-07-14
Technical Description
A vulnerability has been identified in SiteMap (component for Mambo), which may be exploited by attackers to execute arbitrary commands. This flaw is due to an input validation error in the "sitemap.xml.php" script that fails to validate the "mosConfig_absolute_path" parameter, which could be exploited by remote attackers to include malicious files and execute arbitrary commands with the privileges of the web server.
Affected Products
SiteMap (component for Mambo) version 2.0 and prior
http://www.frsirt.com/english/advisories/2006/2803
Have a nice day
Gustavo
Re: Sitemap 2.0.0 for Mambo 4.5.1 CMS Remote File Include Vulnerabilities
Posted: Fri Jul 21, 2006 11:58 am
by Jinx
The sitemap 2.0 component is not actively maintained and should not be used on any production websites ! The component has been removed from mamboforge.