Bugtraq: Re: Olate Download 3.4.2 ~ userupload.php ~ Upload Executable Files

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Olate Download 3.4.2 ~ userupload.php ~ Upload Executable Files

From: lcat <lcat () email dp ua>
Date: Wed, 5 Sep 2007 07:34:15 -0700

Unfortunately user can upload files by default.
Olate 3.4.2 check the extension of uploaded file and by default you can't 
upload anything. Admin have to indicate which extensions are allowed for 
uploading.
Here is code:
if ($site_config['enable_useruploads'] == 1)
{
        // Upload file
        if (isset($_FILES['uploadfile']))
        {               
                $ext = strrchr($_FILES['uploadfile']['name'], '.');
                $allowed_ext = explode(',', $site_config['uploads_allowed_ext']);
                        
                if (in_array($ext, $allowed_ext))
                {

Good Luck.

On Friday 31 August 2007, imei Addmimistrator wrote:

VISIT ORIGINAL ADVISORY FOR MORE DETAILS
http://myimei.com/security/2007-09-01/olate-download-342-useruploadphp-uplo
ad-executable-files.html VISIT ORIGINAL ADVISORY FOR MORE DETAILS/
——-Summary——
 Software: Olate Download
 Sowtware's Web Site: http://www.olate.co.uk/
 Versions: 3.4.2
 Class: Remote
 Status: Unpatched
 Exploit: Available
 Solution: Not Available
 Discovered by: imei Addmimistrator
 Risk Level: High

VISIT ORIGINAL ADVISORY FOR MORE DETAILS

http://myimei.com/security/2007-09-01/olate-download-342-useruploadphp-uplo
ad-executable-files.html VISIT ORIGINAL ADVISORY FOR MORE DETAILS/

By Date By Thread

Current thread:

Olate Download 3.4.2 ~ userupload.php ~ Upload Executable Files imei Addmimistrator (Sep 01)
- Re: Olate Download 3.4.2 ~ userupload.php ~ Upload Executable Files lcat (Sep 05)