Bug 82830

Summary:	www-apps/mambo: "GLOBALS['mosConfig_absolute_path']" File Inclusion
Product:	Gentoo Security	Reporter:	Jean-François Brunette (RETIRED) <formula7>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	web-apps
Priority:	High
Version:	unspecified
Hardware:	All
OS:	All
URL:	http://secunia.com/advisories/14337/
Whiteboard:	~1 [noglsa]
Package list:		Runtime testing required:	---

Description Jean-François Brunette (RETIRED) gentoo-dev

2005-02-21 08:03:00 UTC

Description:
A vulnerability has been reported in Mambo, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to the "GLOBALS['mosConfig_absolute_path']" parameter in "Tar.php" is not properly verified, before it is used to include files. This can be exploited to include arbitrary files from external and local resources.

Successful exploitation requires that "register_globals" is enabled.

Comment 1 Matthias Geerdsen (RETIRED) gentoo-dev

2005-02-21 08:30:20 UTC

web-apps, pls verify/bump

Comment 2 Stuart Herbert (RETIRED) gentoo-dev

2005-02-21 12:41:34 UTC

We are not vulnerable, as we don't have Mambo 4.5.2 in the tree.  However, I'll get Mambo 4.5.2.1 into the tree as quickly as possible, as a precaution.

Best regards,
Stu

Comment 3 Stuart Herbert (RETIRED) gentoo-dev

2005-02-21 13:42:10 UTC

Mambo 4.5.2 now in Portage.

Comment 4 Luke Macken (RETIRED) gentoo-dev

2005-02-21 14:07:54 UTC

Thanks Stuart.

This package was never marked stable on any archs; closing without GLSA.