Thursday, April 13, 2006

PHPList Vulnerability

A critical vulnerability has been detected in PHPlist (http://tincan.co.uk/phplist), a double opt-in newsletter manager, which could allow a remote attacker to execute arbitrary code and compromise system security.

The problem stems from a lack of validation or normalization of data gathered through several entry parameters.

This is a typical, well-known type of vulnerability in Web applications; it is exploited, for example, through SQL injection in online forms.

In the case we are looking at here, the affected parameters are "database_module" and "language_module".

If the "register_globals" option is enabled, a remote user could construct a URL to execute arbitrary code on the server hosting the vulnerable PHPlist application.

According to the original advisory, the vulnerability would affect PHPlist versions 2.10.2 and earlier.

Until a new version or official patch is available to correct the problem, users are advised to disable the "register_globals" option or modify the code to properly filter the affected parameters.
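
One way to filter the two affected parameters, shown as an added example rather than code from PHPlist or the advisory: the setting is accepted only if no request source supplies it and its value is on an allow-list. The function names, the allow-list and the module file names are assumptions made for illustration, and the code is written for current PHP.

```php
<?php
// Added example, not PHPlist code. Module file names are constructed placeholders.
const ALLOWED_MODULES = [
    'database_module' => ['example_db.inc'],
    'language_module' => ['example_lang.inc', 'example_lang_fr.inc'],
];

// True if any request source carries the setting name. In an application the
// sources would be [$_GET, $_POST, $_COOKIE]; with register_globals enabled,
// a value found there becomes a global variable of the same name.
function request_supplies(array $sources, string $name): bool
{
    foreach ($sources as $source) {
        if (array_key_exists($name, $source)) {
            return true;
        }
    }
    return false;
}

// Return the module name only if it is server-configured and allow-listed.
function resolve_module(string $name, $configured, array $sources): string
{
    if (!array_key_exists($name, ALLOWED_MODULES)) {
        throw new InvalidArgumentException("unknown setting: $name");
    }
    if (request_supplies($sources, $name)) {
        throw new RuntimeException("$name was supplied by the request");
    }
    if (!is_string($configured) || !in_array($configured, ALLOWED_MODULES[$name], true)) {
        throw new RuntimeException("$name is not an allow-listed module");
    }
    return $configured;
}

// Constructed demo: the request tries to set language_module.
$config  = ['database_module' => 'example_db.inc', 'language_module' => 'example_lang.inc'];
$request = ['language_module' => 'constructed-request-value'];
foreach ($config as $name => $value) {
    try {
        echo $name, ' => ', resolve_module($name, $value, [$request]), "\n";
    } catch (RuntimeException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```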