PEAK XOOPS - The impact of Snoopy vulnerability

XOOPS : The impact of Snoopy vulnerability
Poster : GIJOE on 2008-10-30 16:04:51 (6843 reads)

A command execution vulnerability has been found in the library "Snoopy".

But calm down, guys.
No XOOPS fork passes arbitrary URIs into Snoopy.
And almost all modules using Snoopy allow only administrators to set URIs.
Just update to the version that will be released later.

But if you allow guests or untrusted users to set the URI used by Snoopy, you have to patch it urgently.

Index: html/class/snoopy.php
--- snoopy.php  (revision 729)
+++ snoopy.php  (working copy)
@@ -1035,8 +1035,7 @@

                $headerfile = tempnam($temp_dir, "sno");

-               $safer_URI = strtr( $URI, "\"", " " ); // strip quotes from the URI to avoid shell access
-               exec($this->curl_path." -D \"$headerfile\"".$cmdline_params." \"".$safer_URI."\"",$results,$return);
+               exec($this->curl_path." -k -D \"$headerfile\"".$cmdline_params." \"".escapeshellcmd($URI)."\"",$results,$return);


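Review bot: on the new exec() line, escapeshellcmd($URI) is still wrapped in hand-written \"...\" quotes, and escapeshellcmd() is designed for a whole command string, not a single argument: it escapes quote characters only when they are unpaired, so a URI containing a matched pair of double quotes can still close the quoting and reach curl as extra arguments. Pass the value as escapeshellarg($URI) and drop the surrounding \" characters, so the URI is always exactly one argument. The same line also adds -k, which turns off curl's TLS certificate verification and is unrelated to the injection fix; drop it or make it an explicit opt-in, and state the reason in the commit message.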