CVE-2006-1688 Information

Description

Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allow remote attackers to execute arbitrary PHP code via a URL in the libpath parameter to scripts in the lib directory, including (1) ase.php, (2) devi.php, (3) doom3.php, (4) et.php, (5) flashpoint.php, (6) gameSpy.php, (7) gameSpy2.php, (8) gore.php, (9) gsvari.php, (10) halo.php, (11) hlife.php, (12) hlife2.php, (13) igi2.php, (14) main.lib.php, (15) netpanzer.php, (16) old_hlife.php, (17) pkill.php, (18) q2a.php, (19) q3a.php, (20) qworld.php, (21) rene.php, (22) rvbshld.php, (23) savage.php, (24) simracer.php, (25) sof1.php, (26) sof2.php, (27) unreal.php, (28) ut2004.php, and (29) vietcong.php. NOTE: the lib/armygame.php vector is already covered by CVE-2006-1610. The provenance of most of these additional vectors is unknown, although likely from post-disclosure analysis. NOTE: this only occurs when register_globals is disabled.

Reference

http://liz0zim.no-ip.org/alp.txt
http://secunia.com/advisories/19482
http://secunia.com/advisories/19588
http://securityreason.com/securityalert/679
http://securitytracker.com/id?1015884
http://www.blogcu.com/Liz0ziM/431845/
http://www.osvdb.org/24401
http://www.osvdb.org/24402
http://www.osvdb.org/24403
http://www.osvdb.org/24404
http://www.osvdb.org/24405
http://www.osvdb.org/24406
http://www.osvdb.org/24407
http://www.osvdb.org/24408
http://www.osvdb.org/24409
http://www.osvdb.org/24410
http://www.osvdb.org/24411
http://www.osvdb.org/24412
http://www.osvdb.org/24413
http://www.osvdb.org/24414
http://www.osvdb.org/24415
http://www.osvdb.org/24416
http://www.osvdb.org/24417
http://www.osvdb.org/24418
http://www.osvdb.org/24419
http://www.osvdb.org/24420
http://www.osvdb.org/24421
http://www.osvdb.org/24422
http://www.osvdb.org/24423
http://www.osvdb.org/24424
http://www.osvdb.org/24425
http://www.osvdb.org/24426
http://www.osvdb.org/24427
http://www.osvdb.org/24428
http://www.osvdb.org/24429
http://www.securityfocus.com/archive/1/430289/100/0/threaded
http://www.securityfocus.com/archive/1/439874/100/0/threaded
http://www.securityfocus.com/archive/1/441015/100/0/threaded
http://www.securityfocus.com/bid/17434
http://www.vupen.com/english/advisories/2006/1284
