PHP Advanced Transfer Manager multiple vulnerabilities

Source: Internet
Author: User
Tags: configuration settings, valid, zip
Security bulletins (or tips) may be submitted to: 51cto.editor@gmail.com
Vulnerability category: input validation error
Attack type: remote
Published: 2005-09-20
Updated: 2005-09-20
Affected systems: PHP Advanced Transfer Manager 1.x
Unaffected systems: none listed
Reported by: rgod
Vulnerability description: Secunia advisory SA16867
PHP Advanced Transfer Manager Multiple Vulnerabilities
rgod has reported some vulnerabilities and security issues in PHP Advanced Transfer Manager, which can be exploited by malicious people to disclose system and other sensitive information and to conduct cross-site scripting attacks.
1. Input passed to the "current_dir" and "filename" parameters in "txt.php", "htm.php", "html.php" and "zip.php" is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files on the server via directory traversal attacks.
2. Certain PHP configuration settings can be disclosed by accessing the "test.php" script directly.
3. Input passed to the "font", "normalfontcolor" and "mess[31]" parameters in "txt.php" is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
The vulnerabilities and security issues have been reported in version 1.30. Other versions may also be affected.
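Items 1 and 3 above are both failures to validate request parameters before using them. The script below is an added example, not phpATM's own code and not rgod's proof of concept: a hardened viewer written in the shape of the "txt.php" the advisory describes. The parameter names current_dir, filename, font, normalfontcolor and mess[31] are the advisory's; the base directory VIEWER_BASE, the font whitelist and the accepted file extensions are assumptions made for illustration.

```php
<?php
// Added example, not phpATM's own code: a hardened viewer in the shape of the
// txt.php described in the advisory. Parameter names (current_dir, filename,
// font, normalfontcolor, mess[31]) are the advisory's; VIEWER_BASE, the font
// whitelist and the extension list are assumptions for illustration.
declare(strict_types=1);

const VIEWER_BASE = '/var/www/phpatm/files';   // assumed root of viewable files

// Return a GET parameter as a string, treating arrays (name[]=...) as absent.
function param(array $get, string $key): string
{
    $v = $get[$key] ?? '';
    return is_string($v) ? $v : '';
}

// Resolve current_dir + filename under $base and refuse anything that escapes
// it: "../" sequences, absolute paths, symlinks pointing outside, NUL bytes.
// The weak pattern the advisory describes is an unchecked concatenation such
// as readfile($current_dir . '/' . $filename); this function replaces it.
function resolve_safe_path(string $base, string $currentDir, string $filename): ?string
{
    if (str_contains($currentDir, "\0") || str_contains($filename, "\0")) {
        return null;                                   // NUL truncates paths in C
    }
    // One path component only, with an extension the viewers are meant to show.
    if (preg_match('/\A[A-Za-z0-9._-]+\.(txt|htm|html|zip)\z/', $filename) !== 1) {
        return null;
    }
    $realBase = realpath($base);
    if ($realBase === false) {
        return null;
    }
    // realpath() canonicalises "..", "." and symlinks and fails for missing files.
    $candidate = realpath($realBase . '/' . $currentDir . '/' . $filename);
    if ($candidate === false || !is_file($candidate)) {
        return null;
    }
    // Compare with a trailing separator so "/files2/x" is not accepted for "/files".
    $prefix = $realBase . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $candidate;
}

// Presentation parameters are whitelisted rather than echoed back.
function safe_font(string $font): string
{
    $allowed = ['Arial', 'Verdana', 'Courier New', 'Times New Roman'];
    return in_array($font, $allowed, true) ? $font : 'Arial';
}

function safe_color(string $color): string
{
    return preg_match('/\A#[0-9A-Fa-f]{6}\z/', $color) === 1 ? $color : '#000000';
}

// Every value that reaches the page goes through htmlspecialchars(), so a
// payload in mess[31] is rendered as text instead of markup.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

function render_viewer(array $get): string
{
    $path = resolve_safe_path(VIEWER_BASE, param($get, 'current_dir'), param($get, 'filename'));
    if ($path === null) {
        http_response_code(400);
        return '<p>Invalid file request.</p>';
    }
    $font  = safe_font(param($get, 'font'));
    $color = safe_color(param($get, 'normalfontcolor'));
    $m     = is_array($get['mess'] ?? null) ? ($get['mess'][31] ?? '') : '';
    $mess  = is_string($m) ? $m : '';
    $body  = (string) file_get_contents($path);

    return '<div style="font-family:' . h($font) . ';color:' . h($color) . '">'
         . '<p>' . h($mess) . '</p>'
         . '<pre>' . h($body) . '</pre></div>';
}

echo render_viewer($_GET);
```

The script needs PHP 8 for str_contains(); on older releases substitute strpos(). Because realpath() is applied before the prefix comparison, a request such as `?current_dir=../../../..&filename=x.txt` is resolved to its real location first and then rejected for lying outside VIEWER_BASE, which also covers encoded or doubled "../" variants that a plain string filter would miss. A request for a file that does not exist is rejected the same way, so the viewer does not reveal through differing errors which paths exist outside the base directory.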
Test method: None
Workaround: Edit the source code to ensure that input is properly verified, and restrict access to the "test.php" script (or remove it from the production installation, since it is not needed at run time).
Program download: Http://phpatm.free.fr/archive/phpATM_130.zip

