plainblack.com
Username Password
search
Bookmark and Share

Security: Executable Upload Problem

User: JT
Date: 12/2/2008 2:27 pm
Views: 4827
Rating: 28    Rate [
|
]

 A problem was discovered that affects all 7.x releases. A malicious user can email an attachment to a collaboration system (if you're using the mail features of the collaboration system), which contains an executable, like a perl program, a shell script, or a php page; and if your web server is set up to be able to execute those types of files, then that program can be executed by clicking on it from the web view of the collaboration system.

We recommend you take immediate action to protect yourself from this defect. 

WebGUI 7.6.5 will be coming out later today, which has a fix for this. WebGUI 7.5.35 will be released on Thursday and also has a fix for this.

In the mean time you can edit lib/WebGUI/Storage.pm and replace the addFileFromScalar() method  with the code below:

sub addFileFromScalar {

my ($self, $filename, $content) = @_;

    if (isIn($self->getFileExtension($filename), qw(pl perl sh cgi php asp html htm))) { # make us safe from malicious uploads

        $filename =~ s/\./\_/g;

        $filename .= ".txt";

    }

    $filename = $self->session->url->makeCompliant($filename);

if (open(my $FILE, ">", $self->getPath($filename))) {

print $FILE $content;

close($FILE);

        $self->_changeOwner($self->getPath($filename));

}

    else {

        $self->_addError("Couldn't create file ".$self->getPath($filename)." because ".$!);

}

return $filename;

}

 

PreviousBackNext
© 2022 Plain Black Corporation | All Rights Reserved