soaivu / clipbucket

Automatically exported from code.google.com/p/clipbucket

Security Issue! #425

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
Someone managed to upload several exploits to my installation:

I detected in the webserver logs that everyone can upload any file this way:

/admin_area/charts/ofc-library/ofc_upload_image.php?name=.up.php

Original issue reported on code.google.com by bru...@agro.uba.ar on 6 Sep 2013 at 1:49

GoogleCodeExporter commented 8 years ago
This isn't ClipBucket specific, but if you look at http://sourceforge.net/p/clipbucket/code/HEAD/tree/trunk/upload/admin_area/charts/ofc-library/ofc_upload_image.php you'll see that this has no file MIME or content validation at all, which allows for scripts to be executed. I have added a temporary rule to our servers until this is fixed that should effectively block the exploit.

SecRule REQUEST_BASENAME "@streq ofc_upload_image.php" \
  "phase:1,rev:'2',id:'958978',deny,log,auditlog,status:403,msg:'OpenFlashChart Image upload script attempt - JIT patch'"

Original comment by z...@pacifichost.com on 23 Sep 2013 at 7:23
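A log check in the spirit of the report above, added here as an example (it is not code from this thread or from ClipBucket): it scans Apache combined-format access logs for hits on the same script basename the ModSecurity rule blocks, and rates a hit "critical" when the `name` parameter ends in a PHP-style extension. The log lines, addresses and the extension list are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (Apache combined format); not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [06/Sep/2013:01:40:12 +0000] "GET /admin_area/charts/ofc-library/ofc_upload_image.php?name=.up.php HTTP/1.1" 200 57 "-" "Mozilla/5.0"
198.51.100.7 - - [06/Sep/2013:01:41:03 +0000] "POST /admin_area/charts/ofc-library/ofc_upload_image.php?name=chart.png HTTP/1.1" 200 31 "-" "Mozilla/5.0"
192.0.2.9 - - [06/Sep/2013:01:42:44 +0000] "GET /watch_video.php?v=abc123 HTTP/1.1" 200 9023 "-" "Mozilla/5.0"
203.0.113.5 - - [06/Sep/2013:01:43:10 +0000] "GET /admin_area/charts/ofc-library/ofc_upload_image.php?name=%2e%75p.phtml HTTP/1.1" 200 57 "-" "curl/7.30"
"""

# Minimal parser for the fields we need from a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Same basename the ModSecurity rule matches with REQUEST_BASENAME.
TARGET_SCRIPT = "ofc_upload_image.php"

# Assumed list of extensions a default PHP setup hands to the interpreter.
SCRIPT_EXTS = (".php", ".phtml", ".php3", ".php4", ".php5", ".phar")


def classify_request(line):
    """Return a finding dict for a hit on the upload script, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if parts.path.rsplit("/", 1)[-1] != TARGET_SCRIPT:
        return None
    # parse_qs percent-decodes, so %2e%75p.phtml becomes .up.phtml here.
    names = parse_qs(parts.query).get("name", [])
    name = names[0] if names else ""
    # Any hit is worth a look (the WAF rule denies them all); a script
    # extension in the requested name is the upload-and-execute pattern.
    severity = "critical" if name.lower().endswith(SCRIPT_EXTS) else "suspicious"
    return {"ip": m.group("ip"), "time": m.group("ts"), "method": m.group("method"),
            "status": m.group("status"), "name": name, "severity": severity}


def scan_log(text):
    """Classify every line of an access log; return the list of findings."""
    return [f for f in (classify_request(l) for l in text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```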

GoogleCodeExporter commented 8 years ago
Good to know, I don't use Apache, so I chmoded this script for the moment.

Original comment by bru...@agro.uba.ar on 2 Oct 2013 at 6:32

GoogleCodeExporter commented 8 years ago
removed from cb source.

Original comment by arslan...@gmail.com on 24 Feb 2015 at 9:53