Knowledgeroot (fckeditor) Remote Arbitrary File Upload Exploit



-=[ Description ]=-

A security issue has been discovered in Knowledgeroot, which can be exploited by malicious people to bypass certain security restrictions.

Access to the enabled FCKeditor component is not properly restricted, which can be exploited, e.g., to upload files of certain types.

The security issue is confirmed in version 0.9.9.5. Other versions may also be affected.

-=[ Solution ]=-

Restrict access to the extension/fckeditor/fckeditor/editor/filemanager/connectors/php/config.php script (e.g. via .htaccess).
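As an added example (not part of the original advisory), an Apache .htaccess that implements the solution above by denying web access to the connector directory; the path follows the advisory, and the directives assume Apache 2.4 with the 2.2 equivalent kept for older servers.

```apache
# Place this .htaccess in
#   extension/fckeditor/fckeditor/editor/filemanager/connectors/
# so that it covers php/config.php and the rest of the connector scripts.
# Requires AllowOverride to permit authorization directives here.

# Apache 2.4 (mod_authz_core): refuse every request to this directory.
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>

# Apache 2.2 fallback: same effect with the legacy Order/Deny syntax.
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
</IfModule>
```

Independently of web-server access control, the connector's own config.php carries a `$Config['Enabled']` switch that FCKeditor ships as `false`; leaving it at `false` unless the file manager is genuinely needed removes the upload endpoint entirely. After applying either change, confirm that a request to the connector path returns 403 rather than the connector's XML response.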

As proof of concept, the remote exploit script is available here:

http://www.inj3ct0r.com/exploits/12132


