Page 1 of 1
Vulnerablities in CMS Made Simple 1.6.6?
Posted: Sun Feb 14, 2010 12:13 pm
by Maarten
Hi I just came across a Vulnerablities claim targetted on CMS Made Simple 1.6.6. I tried to reproduce it myself but I was unsuccesfull. Maybe because of the secure server configuration.
################################################################
# .___ __ _______ .___ #
# __| _/____ _______| | __ ____ \ _ \ __| _/____ #
# / __ |\__ \\_ __ \ |/ // ___\/ /_\ \ / __ |/ __ \ #
# / /_/ | / __ \| | \/ \_____ /\_____|\____\ #
# \/ \/ \/ #
# ___________ ______ _ __ #
# _/ ___\_ __ \_/ __ \ \/ \/ / #
# \ \___| | \/\ ___/\ / #
# \___ >__| \___ >\/\_/ #
# est.2007 \/ \/ forum.darkc0de.com #
################################################################
# Greetz to all Darkc0de ,AI,ICW, AH Memebers
# Shoutz to r45c4l,j4ckh4x0r,silic0n,smith,baltazar,d3hydr8,FB1H2S, lowlz,Eberly,Sumit,
#
# Author: Beenu Arora
#
# Home :
www.BeenuArora.com
#
# Email :
beenudel1986@gmail.com
#
# Share the c0de!
#
################################################################
#
# Exploit: Multiple Vulnerablities in cmsmadesimple
#
# AppSite:
http://www.cmsmadesimple.com/
#
# Tested Version : 1.6.6
# XSS
#
# POC:-
http://localhost/cmsmadesimple/index.ph ... ert('XSS')
#
#
#
# Multiple Local File Inclusion
#
# Sample URL:
# POC:-
http://server/cmsmadesimple/index.php?m ... eturnid=39
#
#
################################################################
Re: Vulnerablities in CMS Made Simple 1.6.6?
Posted: Sun Feb 14, 2010 12:18 pm
by RonnyK
Maarten,
thanks for the info.. The modifications for these fixes were already made in SVN last Friday, as the report was known by then. So an 1.6.7 is to be released soon, to handle these 2 reported vulnerabilities..
Ronny
Re: Vulnerablities in CMS Made Simple 1.6.6?
Posted: Sun Feb 14, 2010 1:12 pm
by Maarten
Good to hear that vulnerabilities are taken care of with such speed! Thanks for the quick update!
Re: Vulnerablities in CMS Made Simple 1.6.6?
Posted: Mon Feb 15, 2010 3:14 pm
by mw
RonnyK wrote:
Maarten,
thanks for the info.. The modifications for these fixes were already made in SVN last Friday, as the report was known by then. So an 1.6.7 is to be released soon, to handle these 2 reported vulnerabilities..
Ronny
Looking at the sample url it contains "boot.ini" in the string, can I assume this exploit is limited to a windows installation?
Re: Vulnerablities in CMS Made Simple 1.6.6?
Posted: Sun Feb 28, 2010 6:20 am
by iNSiPiD
Hiya, just downloaded 1.6.7 and 1.6.6 to perform a slipstream install from 1.6.5.
In extracting cmsmadesimple-base-diff-1.6.6-1.6.7.tar there appear to be some redundant files. All are 0kb in size and look like they were accidetnally included in root?
- action.savetoolbar.php
function.admin_toolbar.php
safari
toolbarpanel.tpl
Would appreciate some confirmation before I proceed with the upgrade.
Thank you.
iNSiPiD
Re: Vulnerablities in CMS Made Simple 1.6.6?
Posted: Sun Feb 28, 2010 1:03 pm
by reneh
Yes these files is leftovers and a bug in make release script included these. (should be ok for future releases)
So these files are harmless.
I'm not sure if you find other problems with this packet - if so you can use one of the other packets for upgrade...
As far I know its ONLY the cmsmadesimple-base-diff-1.6.6-1.6.7.tar.gz that contains thes extra files.
Re: Vulnerablities in CMS Made Simple 1.6.6?
Posted: Sun Feb 28, 2010 2:07 pm
by reneh
Re: Vulnerablities in CMS Made Simple 1.6.6?
Posted: Mon Mar 01, 2010 8:28 am
by iNSiPiD
Cheers, reneh. Ever vigilant.
