CMS Made Simple Forums

Content management as it is meant to be
https://forum.cmsmadesimple.org/

Vuln: FCK Editor

https://forum.cmsmadesimple.org/viewtopic.php?t=4702

Page 1 of 1

Vuln: FCK Editor

Posted: Fri May 19, 2006 9:08 am
by dcdent
Some new security issue, source: Secunia
FCKeditor "Type" Parameter File Upload Vulnerability

Secunia Advisory: SA20122  
Release Date: 2006-05-18


Critical: Moderately critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch


Software: FCKeditor 2.x (Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.)


Description:
A vulnerability has been discovered in FCKeditor, which potentially can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an input validation error in the processing of file uploads. This can be exploited to upload arbitrary scripts by defining an invalid value for the "Type" parameter when uploading a file via "editor/filemanager/upload/php/upload.php".

Successful exploitation requires that file uploads have been enabled in the "config.php" configuration file (not enabled by default).

The vulnerability has been confirmed in version 2.2. Prior versions may also be affected.

Solution:
The vulnerability has been fixed in version 2.3 Beta.

Provided and/or discovered by:
Reported by the vendor.

Re: Vuln: FCK Editor

Posted: Fri May 19, 2006 10:26 am
by Ted
This file has a login cookie check as well in 0.13 (I added it as a precaution after beta4).  So, they'd have to be logged into CMSMS for this vulnerability to even be possible.  I wouldn't worry about it too much, though we will update fck when a 2.3 final comes out.

Re: Vuln: FCK Editor

Posted: Fri May 19, 2006 10:53 am
by dcdent
ok,
thanks for fast response!

Re: Vuln: FCK Editor

Posted: Fri May 19, 2006 11:10 am
by Ted
And in other news, Silmarillion has been playing around with 2.3 beta and says it's pretty good.  It's a lot faster, apparently.  I'll be interested to see how it works out after it's fully integrated.

Re: Vuln: FCK Editor

Posted: Tue Jun 20, 2006 1:03 pm
by Greg
I see 2.3 of FCKeditor is now finalized - is it in the latest svn?

Re: Vuln: FCK Editor

Posted: Fri Jun 23, 2006 2:57 pm
by Elijah Lofgren
Greg wrote: I see 2.3 of FCKeditor is now finalized - is it in the latest svn?
Yes. It loads a lot faster than previous versions. :)

Re: Vuln: FCK Editor

Posted: Sat Jun 24, 2006 9:15 pm
by Greg
In the latest SVN .....

The smileys folder is missing ... Modules/FCKeditor/fckeditor/images/smiley
Also getting a javascript error:

Re: Vuln: FCK Editor

Posted: Sat Jun 24, 2006 11:13 pm
by Ted
I had Sil remove some of the sillier plugins from FCK.  Stuff like that is just taking up space and if people REALLY need it, they can grab them from the FCK site.

Not sure about the javascript error, though.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited