製品・ソフトウェアに関する情報

JVN脆弱性詳細

Campware Campsite における PHP リモートファイルインクルージョンの脆弱性

Title	Campware Campsite における PHP リモートファイルインクルージョンの脆弱性
Summary	Campware Campsite には、PHP リモートファイルインクルージョンの脆弱性が存在します。
Possible impacts	第三者により、以下への g_documentRoot パラメータ内の URL を介して、任意の PHP コードを実行される可能性があります。 (1) implementation/management/classes/ 内の Alias.php (2) implementation/management/classes/ 内の Article.php (3) implementation/management/classes/ 内の ArticleAttachment.php (4) implementation/management/classes/ 内の ArticleComment.php (5) implementation/management/classes/ 内の ArticleData.php (6) implementation/management/classes/ 内の ArticleImage.php (7) implementation/management/classes/ 内の ArticleIndex.php (8) implementation/management/classes/ 内の ArticlePublish.php (9) implementation/management/classes/ 内の ArticleTopic.php (10) implementation/management/classes/ 内の ArticleType.php (11) implementation/management/classes/ 内の ArticleTypeField.php (12) implementation/management/classes/ 内の Attachment.php (13) implementation/management/classes/ 内の Country.php (14) implementation/management/classes/ 内の DatabaseObject.php (15) implementation/management/classes/ 内の Event.php (16) implementation/management/classes/ 内の IPAccess.php (17) implementation/management/classes/ 内の Image.php (18) implementation/management/classes/ 内の Issue.php (19) implementation/management/classes/ 内の IssuePublish.php (20) implementation/management/classes/ 内の Language.php (21) implementation/management/classes/ 内の Log.php (22) implementation/management/classes/ 内の LoginAttempts.php (23) implementation/management/classes/ 内の Publication.php (24) implementation/management/classes/ 内の Section.php (25) implementation/management/classes/ 内の ShortURL.php (26) implementation/management/classes/ 内の Subscription.php (27) implementation/management/classes/ 内の SubscriptionDefaultTime.php (28) implementation/management/classes/ 内の SubscriptionSection.php (29) implementation/management/classes/ 内の SystemPref.php (30) implementation/management/classes/ 内の Template.php (31) implementation/management/classes/ 内の TimeUnit.php (32) implementation/management/classes/ 内の Topic.php (33) implementation/management/classes/ 内の UrlType.php (34) implementation/management/classes/ 内の User.php (35) implementation/management/classes/ 内の UserType.php (36) implementation/management/ 内の configuration.php (37) implementation/management/ 内の db_connect.php (38) implementation/management/priv/localizer/ 内の LocalizerConfig.php (39) implementation/management/priv/localizer/ 内の LocalizerLanguage.php
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	Nov. 15, 2006, midnight
Registration Date	June 26, 2012, 3:37 p.m.
Last Update	June 26, 2012, 3:37 p.m.

CVSS2.0 : 危険
Score	7.5
Vector	AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected System

campware.org

campsite 2.6.2 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2006-5911	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5911
National Vulnerability Database (NVD)
2	CVE-2006-5911	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5911

ベンダー情報

No	Name	URL
campware.org
1	Top Page	http://www.sourcefabric.org/

Change Log

No	Changed Details	Date of change
0	[2012年06月26日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2006-5911

Summary	Multiple PHP remote file inclusion vulnerabilities in Campware Campsite before 2.6.2 allow remote attackers to execute arbitrary PHP code via a URL in the g_documentRoot parameter to (1) Alias.php, (2) Article.php, (3) ArticleAttachment.php, (4) ArticleComment.php, (5) ArticleData.php, (6) ArticleImage.php, (7) ArticleIndex.php, (8) ArticlePublish.php, (9) ArticleTopic.php, (10) ArticleType.php, (11) ArticleTypeField.php, (12) Attachment.php, (13) Country.php, (14) DatabaseObject.php, (15) Event.php, (16) IPAccess.php, (17) Image.php, (18) Issue.php, (19) IssuePublish.php, (20) Language.php, (21) Log.php, (22) LoginAttempts.php, (23) Publication.php, (24) Section.php, (25) ShortURL.php, (26) Subscription.php, (27) SubscriptionDefaultTime.php, (28) SubscriptionSection.php, (29) SystemPref.php, (30) Template.php, (31) TimeUnit.php, (32) Topic.php, (33) UrlType.php, (34) User.php, and (35) UserType.php in implementation/management/classes/; (36) configuration.php and (37) db_connect.php in implementation/management/; and (38) LocalizerConfig.php and (39) LocalizerLanguage.php in implementation/management/priv/localizer/.
Publication Date	Nov. 16, 2006, 12:07 a.m.
Registration Date	Jan. 29, 2021, 3:49 p.m.
Last Update	Sept. 6, 2008, 6:13 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:campware.org:campsite:2.6.0:::::::*
cpe:2.3:a:campware.org:campsite:2.6.1:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://code.campware.org/projects/campsite/changeset/6057	CONFIRM	Patch
2	http://code.campware.org/projects/campsite/changeset/6058	CONFIRM	Patch
3	http://code.campware.org/projects/campsite/query?milestone=2.6.2	CONFIRM
4	http://code.campware.org/projects/campsite/ticket/2349	CONFIRM
5	http://sourceforge.net/project/shownotes.php?release_id=459574&group_id=66936	CONFIRM	Patch
6	http://www.osvdb.org/34187	OSVDB
7	http://www.osvdb.org/34188	OSVDB
8	http://www.osvdb.org/34189	OSVDB
9	http://www.osvdb.org/34190	OSVDB
10	http://www.osvdb.org/34191	OSVDB
11	http://www.osvdb.org/34192	OSVDB
12	http://www.osvdb.org/34193	OSVDB
13	http://www.osvdb.org/34194	OSVDB
14	http://www.osvdb.org/34195	OSVDB
15	http://www.osvdb.org/34196	OSVDB
16	http://www.osvdb.org/34197	OSVDB
17	http://www.osvdb.org/34198	OSVDB
18	http://www.osvdb.org/34199	OSVDB
19	http://www.osvdb.org/34200	OSVDB
20	http://www.osvdb.org/34201	OSVDB
21	http://www.osvdb.org/34202	OSVDB
22	http://www.osvdb.org/34203	OSVDB
23	http://www.osvdb.org/34204	OSVDB
24	http://www.osvdb.org/34205	OSVDB
25	http://www.osvdb.org/34206	OSVDB
26	http://www.osvdb.org/34207	OSVDB
27	http://www.osvdb.org/34208	OSVDB
28	http://www.osvdb.org/34209	OSVDB
29	http://www.osvdb.org/34210	OSVDB
30	http://www.osvdb.org/34211	OSVDB
31	http://www.osvdb.org/34212	OSVDB
32	http://www.osvdb.org/34213	OSVDB
33	http://www.osvdb.org/34214	OSVDB
34	http://www.osvdb.org/34215	OSVDB
35	http://www.osvdb.org/34216	OSVDB
36	http://www.osvdb.org/34217	OSVDB
37	http://www.osvdb.org/34218	OSVDB
38	http://www.osvdb.org/34219	OSVDB
39	http://www.osvdb.org/34220	OSVDB
40	http://www.osvdb.org/34221	OSVDB
41	http://www.osvdb.org/34222	OSVDB
42	http://www.osvdb.org/34223	OSVDB
43	http://www.osvdb.org/34224	OSVDB
44	http://www.osvdb.org/34225	OSVDB
45	http://www.securityfocus.com/bid/23874	BID

Common Vulnerabilities List