Sunday, 07 September 2008
Jamroom "jamroom[jm_dir]" File Inclusion Vulnerability
Written by Marcelo Almeida (Vympel)   
Tuesday, 24 June 2008

Some vulnerabilities have been reported in Jamroom, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to the "jamroom[jm_dir]" parameter in include/plugins/jrBrowser/purchase.php and include/plugins/jrBrowser/payment.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources.

Successful exploitation requires that "register_globals" is enabled...

The vulnerabilities are reported in Jamroom 3.3.x prior to 3.3.6 and 3.2.x with the Payment Pack installed. Other versions may also be affected.

Solution:
Update to version 3.3.6.

Set "register_globals" to "off".
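The following is an added illustration, not Jamroom's own code, of the pattern the advisory describes and of a hardened replacement. With "register_globals" on, PHP turns a request parameter such as jamroom[jm_dir] into the array variable $jamroom before the script runs, so a base directory read from that array is request-controlled; the function names, the file name config.php and the "include" directory are assumptions made for the example.

```php
<?php
// Added example (not Jamroom code). Names and paths are hypothetical.

// Vulnerable pattern: $jamroom is never initialised by the script, so with
// register_globals=On it is populated from the request. The include path is
// then attacker-controlled (local files; remote URLs too when the PHP
// configuration permits URL includes).
function vulnerable_include(array $jamroom): void
{
    include $jamroom['jm_dir'] . '/include/config.php';
}

// Hardened pattern: the base directory comes from the script's own location,
// never from request data, and the resolved target must stay inside it.
function safe_include(string $relative): bool
{
    $base = realpath(__DIR__ . '/include');
    if ($base === false) {
        return false;
    }

    // Allowlist: one plain PHP file name, no path separators or traversal.
    if (!preg_match('/^[A-Za-z0-9_]+\.php$/', $relative)) {
        return false;
    }

    // Resolve symlinks and "..", then confirm the result is under $base.
    $target = realpath($base . DIRECTORY_SEPARATOR . $relative);
    $prefix = $base . DIRECTORY_SEPARATOR;
    if ($target === false || strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return false;
    }

    include $target;
    return true;
}

// Defence in depth: refuse to run at all while register_globals is enabled,
// so a misconfigured host cannot silently reintroduce the variable injection.
function refuse_if_register_globals(): void
{
    if (filter_var(ini_get('register_globals'), FILTER_VALIDATE_BOOLEAN)) {
        http_response_code(500);
        exit('register_globals must be disabled');
    }
}

refuse_if_register_globals();
safe_include('config.php');
```

The allowlist on the file name and the realpath prefix check are independent controls: the first rejects malformed input early, the second catches anything the pattern might let through once symlinks and relative components are resolved.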

Provided and/or discovered by:
Cyberlog. Additional vulnerable file reported by the vendor.

Original Advisory:
Cyberlog:
http://milw0rm.com/exploits/5876

Jamroom:
http://jamroom.net/index.php?m=td_tracker&o=view&id=1130

Original Article:
http://secunia.com/advisories/30806/
