PHP Advanced Transfer Manager Multiple Vulnerability _php Tutorials

Source: Internet
Author: User
Tags configuration settings
Information provided: Security bulletins (or leads) Hotline: 51cto.editor@gmail.com
Vulnerability Category: Input Confirmation vulnerability
Attack Type: Remote attack
Release Date: 2005-09-20
Update on: 2005-09-20
Affected system: PHP Advanced Transfer Manager 1.x
Safety System: None
Vulnerability Reporter: Rgod
Vulnerability Description: Secunia advisory:sa16867
PHP Advanced Transfer Manager Composite Vulnerability
Rgod has reported some of the vulnerabilities and security issues in PHP Advanced Transfer Manager. A malicious attacker could exploit the vulnerability to compromise system information and some sensitive information, or to perform cross-scripting attacks.
1. The input to the "Current_dir" and "filename" parameters in "txt.php", "htm.php", "html.php" and "zip.php" are not valid until the file is displayed. An attacker exploits a vulnerability to compromise the content of a malicious file through a directory barrier attack.
2. An attacker exploiting the vulnerability by direct access to the "test.php" script may reveal certain PHP configuration settings.
3. The input to the "font", "Normalfontcolor", and "mess[31" parameters in "txt.php" is not valid until feedback is given to the user. When a user browses to an affected network, an attacker exploits the vulnerability to execute malicious HTML code and malicious script code.
Vulnerabilities and security issues were identified in the PHP advanced Transfer Manager 1.30 release, and other versions may also be affected.
Test method: None
Workaround: Edit the code to confirm that the input is valid and restrict access to the "test.php" script.
Program Download: Http://phpatm.free.fr/archive/phpATM_130.zip


http://www.bkjia.com/PHPjc/629815.html www.bkjia.com true http://www.bkjia.com/PHPjc/629815.html techarticle information provided: security bulletin (or lead) Hotline: 51cto.editor@gmail.com Vulnerability Category: Input confirmation vulnerability attack Type: Remote attack release date: 2005-09-20 update Date ...

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.