PEAK XOOPS - The impact of Snoopy vulnerability in englishin japanese

Archive | RSS |
XOOPS
XOOPS : The impact of Snoopy vulnerability
Poster : GIJOE on 2008-10-30 16:04:51 (6744 reads)

in englishin japanese
A command execution vulnerability has found at the library "Snoopy".
http://secunia.com/Advisories/32361/

But calm down, guy.
All XOOPS forks never pass arbitrary URIs into Snoopy.
And almost modules using Snoopy allow to set URIs only by administrators.
Just update the releasing version later.

But, if you allows guests or incredible users to set URI using Snoopy, you have to patch it urgently.


Index: html/class/snoopy.php
===================================================================
--- snoopy.php  (revision 729)
+++ snoopy.php  (working copy)
@@ -1035,8 +1035,7 @@

                $headerfile = tempnam($temp_dir, "sno");

-               $safer_URI = strtr( $URI, "\"", " " ); // strip quotes from the URI to avoid shell access
-               exec($this->curl_path." -D \"$headerfile\"".$cmdline_params." \"".$safer_URI."\"",$results,$return);
+               exec($this->curl_path." -k -D \"$headerfile\"".$cmdline_params." \"".escapeshellcmd($URI)."\"",$results,$return);

                if($return)
                {

0 comments
Printer friendly page Send this story to a friend

Comments list

Login
Username or e-mail:

Password:

Remember Me

Lost Password?

Register now!