Home Private Messages Search
CPG Dragonfly™ CMS Dedicated Server & Bandwidth Sponsored by DedicatedNOW
Toggle Content
 
Forums ⇒ CMS (All) ⇒ Security :: Archives ⇒ coppermine 1.3 security exploit :: Archived


Forum FAQForum FAQ  Log in to check your private messagesLog in to check your private messages  LoginLogin
SearchSearch  ModeratorsModerators
coppermine 1.3 security exploit :: Archived
Post any security related questions in here.
Please send discovered reports to security @ cpgnuke.com
Do Not post links to exploits or hacker sites - your post will be edited/deleted.
If you think you've been hacked, FIRST go through your server logs.
Go to page 1, 2  Next
Post new topic    Revive this topic    Printer Friendly Page     Forum Index ⇒  Security

Topic Archived View previous topic :: View next topic  
Author Message
purepersian
Heavy poster
Heavy poster

Offline Offline
Joined: May 05, 2004
Posts: 197
Location: london
PostPosted: Thu Sep 02, 2004 7:27 pm
Post subject: coppermine 1.3 security exploit
ok someone kept posting messages and changing the username

so i disabled the username field in the image_comment.html file and somehow he was still able to edit usernames
so i then removed the edit button from comments and he is still changing usernames

i dont know how he does it but iv figured that he posts a message with his username FIRST then changes that message
but i dunno HOW
there must be a security exploit

_________________
Judge not, as you'll be judged first...

Borobiroon.com - Persian Community
Blue Water Media - Professional Webdesign

purepersian's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
latest
Back to top
View user's profile Visit poster's website
Śyama_Dāsa
Developer
Developer

Offline Offline
Joined: Apr 19, 2004
Posts: 2048
Location: Dragonfly CMS Tribe
PostPosted: Thu Sep 02, 2004 10:09 pm
Post subject: Re: coppermine 1.3 security exploit
www.cpgnuke.com/cvs/ht....php?g=1.8 [edited]
This features better input checking and all users are suggested to use this

_________________
AKA Akamu / Read these and your life will be successful | Find a Repair
--
Mods and Professional Support via YIM

Śyama_Dāsa's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
win32 / Apache 1.3.33 / MySQL 4.1.16/PHP 4.4/CPG-CVS ( browsers: Mozilla 1.7.x / IE6 / Opera 8.0)

Last edited by Śyama_Dāsa on Sat Sep 04, 2004 9:29 am; edited 1 time in total
Back to top
View user's profile Visit poster's website Yahoo Messenger Photo Gallery
64bitguy
Heavy poster
Heavy poster

Offline Offline
Joined: Apr 27, 2004
Posts: 248
Location: Manchester, NH USA
PostPosted: Fri Sep 03, 2004 12:40 am
Post subject: Re: coppermine 1.3 security exploit
Can you give me the path where this file is supposed to be saved?

Thanks

_________________
Steph
64bit.us
The IT Portal for IT People!


64bitguy's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
2.6.9-11.ELsmp/Apache-1.3.33(Unix)/MySQL-4.0.25/PHP-4.4.0 (CGI-Mode)/Nuke7.6Patched31, Platinum7612-patched31,7.8patched31, Dragonfly (all)
Back to top
View user's profile Visit poster's website
Trevor
Developer
Developer

Offline Offline
Joined: Apr 19, 2004
Posts: 2170
Location: New York
PostPosted: Fri Sep 03, 2004 12:44 am
Post subject: Re: coppermine 1.3 security exploit
/modules/coppermine/


Trevor's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
Linux / 1.3.34 / 4.1.18 / 4.4.2 / CVS
Back to top
View user's profile Photo Gallery
kjcdude
Newbie
Newbie

Offline Offline
Joined: Aug 27, 2004
Posts: 7
PostPosted: Fri Sep 03, 2004 1:15 am
Post subject: Re: coppermine 1.3 security exploit
Thanks for the update.

Told about through the newsletter that was sent out.


kjcdude's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
----
Back to top
View user's profile Visit poster's website
Zoologico
Heavy poster
Heavy poster

Offline Offline
Joined: Jun 10, 2004
Posts: 158
Location: Boston, MA, USA
PostPosted: Fri Sep 03, 2004 1:39 am
Post subject: Re: coppermine 1.3 security exploit
kjcdude wrote:
Thanks for the update.

Told about through the newsletter that was sent out.

I got the newsletter too, but I was too afraid to click it so I came here directly.

Thanks.

_________________
Miguel G. Perez

Zoologico's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
Windows XP Pro/2.0.48/4.0.18/4.3.4/Dragonfly 9.0.4.0
Back to top
View user's profile ICQ Number AIM Address MSN Messenger Yahoo Messenger
spotlight
Nice poster
Nice poster

Offline Offline
Joined: Aug 10, 2004
Posts: 59
PostPosted: Fri Sep 03, 2004 1:41 am
Post subject: Re: coppermine 1.3 security exploit
I upload the new db_input.php file also i make some changes in the config zone it let me upload photos and it looks like working but only if i use GD1 in the others modes don´t work and show difert types of errors the GD2 mode is better i think mi server don´t have installed the libraries ¿the GD2 works better?

Thanks Very Happy


spotlight's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
XP/?/MYSQL 2.../PHP 4.22/CPG :8.2b
Back to top
View user's profile Visit poster's website
Śyama_Dāsa
Developer
Developer

Offline Offline
Joined: Apr 19, 2004
Posts: 2048
Location: Dragonfly CMS Tribe
PostPosted: Fri Sep 03, 2004 3:33 am
Post subject: Re: coppermine 1.3 security exploit
Yes it is your server... You should suggest they upgrade the server software GD2 has been out for a while...
Other options are Imagemagick and netpbm but don't ask us how to install them we don't know or have time to find out how in all situations...

_________________
AKA Akamu / Read these and your life will be successful | Find a Repair
--
Mods and Professional Support via YIM

Śyama_Dāsa's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
win32 / Apache 1.3.33 / MySQL 4.1.16/PHP 4.4/CPG-CVS ( browsers: Mozilla 1.7.x / IE6 / Opera 8.0)
Back to top
View user's profile Visit poster's website Yahoo Messenger Photo Gallery
musox
Platinum Supporter
Platinum Supporter

Offline Offline
Joined: Apr 20, 2004
Posts: 325
PostPosted: Fri Sep 03, 2004 10:36 am
Post subject: Re: coppermine 1.3 security exploit
Is this a CPGNuke CVS 8.3 fix only? I'm getting
Quote::
Fatal error: main(): Failed opening required 'includes/classes/phpmailer.php' (include_path='.:/usr/local/php4/lib/php') in /......./modules/coppermine/db_input.php on line 146

_________________
../musox.com
Hosted by: Site5.com

musox's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
Linux / 1.3.39 / 4.1.22 / 4.4.7 / 9.2.1
Back to top
View user's profile Visit poster's website Photo Gallery
Śyama_Dāsa
Developer
Developer

Offline Offline
Joined: Apr 19, 2004
Posts: 2048
Location: Dragonfly CMS Tribe
PostPosted: Fri Sep 03, 2004 11:03 am
Post subject: Re: coppermine 1.3 security exploit
change that line to includes/class.phpmailer.php for 8.2b

_________________
AKA Akamu / Read these and your life will be successful | Find a Repair
--
Mods and Professional Support via YIM

Śyama_Dāsa's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
win32 / Apache 1.3.33 / MySQL 4.1.16/PHP 4.4/CPG-CVS ( browsers: Mozilla 1.7.x / IE6 / Opera 8.0)
Back to top
View user's profile Visit poster's website Yahoo Messenger Photo Gallery
Jeruvy
Security Team
Security Team

Offline Offline
Joined: Apr 23, 2004
Posts: 1432
Location: Canada
PostPosted: Fri Sep 03, 2004 1:45 pm
Post subject: Re: coppermine 1.3 security exploit
Ok, folks I have no specifics on this issue. I have no idea how the person was able to change his id.

This patch is speculative at this stage without better details.

_________________
J.
j e r u v y a t y a h o o d o t c o m

Need help? Look here: www.dragonflycms.org/W...d=112.html
Need to chat? Look for me on irc.freenode.net

Jeruvy's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
Ubuntu7.10/Debian3.1 - 2.2.3/1.3.37 - 5.0.38/4.0.27 - 5.2.1/4.4.7 - CVS/9.1.2}
Back to top
View user's profile ICQ Number Yahoo Messenger Photo Gallery
kjcdude
Newbie
Newbie

Offline Offline
Joined: Aug 27, 2004
Posts: 7
PostPosted: Sat Sep 04, 2004 5:40 am
Post subject: Re: coppermine 1.3 security exploit
After upgrade i tried to upload a picture and recieved the following error.

Code:: 
Fatal error: Call to undefined function: fix_quotes() in /home/swezey/kyle/dheat/modules/coppermine/db_input.php on line 219

-Kyle


kjcdude's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
----
Back to top
View user's profile Visit poster's website
Śyama_Dāsa
Developer
Developer

Offline Offline
Joined: Apr 19, 2004
Posts: 2048
Location: Dragonfly CMS Tribe
PostPosted: Sat Sep 04, 2004 5:47 am
Post subject: Re: coppermine 1.3 security exploit
and what version of cpgnuke are you using kcjdude?

_________________
AKA Akamu / Read these and your life will be successful | Find a Repair
--
Mods and Professional Support via YIM

Śyama_Dāsa's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
win32 / Apache 1.3.33 / MySQL 4.1.16/PHP 4.4/CPG-CVS ( browsers: Mozilla 1.7.x / IE6 / Opera 8.0)
Back to top
View user's profile Visit poster's website Yahoo Messenger Photo Gallery
Śyama_Dāsa
Developer
Developer

Offline Offline
Joined: Apr 19, 2004
Posts: 2048
Location: Dragonfly CMS Tribe
PostPosted: Sat Sep 04, 2004 6:20 am
Post subject: Re: coppermine 1.3 security exploit
I have updated db_input.php to work with 8.2b and 1.3.0 for *nuke
www.cpgnuke.com/cvs/ht....php?g=1.8

_________________
AKA Akamu / Read these and your life will be successful | Find a Repair
--
Mods and Professional Support via YIM

Śyama_Dāsa's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
win32 / Apache 1.3.33 / MySQL 4.1.16/PHP 4.4/CPG-CVS ( browsers: Mozilla 1.7.x / IE6 / Opera 8.0)
Back to top
View user's profile Visit poster's website Yahoo Messenger Photo Gallery
kjcdude
Newbie
Newbie

Offline Offline
Joined: Aug 27, 2004
Posts: 7
PostPosted: Sat Sep 04, 2004 8:29 am
Post subject: Re: coppermine 1.3 security exploit
I am using PHP-Nuke 7.4 Coppermine 1.3.0a .

I will try yours and see if that works.

-Kyle


kjcdude's server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS)
----
Back to top
View user's profile Visit poster's website
Display posts from previous:   
Post new topic    Revive this topic    Printer Friendly Page    Forum Index ⇒  Security
Page 1 of 2
All times are GMT
Go to page 1, 2  Next

Archive Revive
Username:
This is an archived topic - your reply will not be appended here.
Instead, a new topic will be generated in the active forum.
The new topic will provide a reference link to this archived topic.
 
   Toggle Content User Info

Welcome Anonymous
Nickname
Password
(Register)

   Toggle Content Last CVS commits
· Fixed .ico Expires header.
· Removed domain name from cookies so subdomains wont access them anymore.
· CSS and JS, case insensitives.
· CSS and JS, send correct HTTP 1.1 headers and fixed issues where themes and...
· Further security class improvements.
· 301 redirects on LEO changes
· Option to force 3xx http status codes
· Validate googlebot.com and google.com crawlers.
· CCBot
· Rss with etag and atom.

read more...

   Toggle Content Community

Support for DragonflyCMS in a other languages:

Deutsch
Español

   Toggle Content X-links
UltraEdit Browse Happy logo Firefox MySQL PostgreSQL Valid CSS! Valid XHTML 1.0! Unicode Encoded Badge NukeBiz Resources Raven DragonflyCMS Dedicated Now InsideSupport Lampe Berger

You are seeing squares or questionmarks on this page?

All content of this website is copyrighted by the Creative Commons NC-SA
The logos and trademarks used on this site are the property of their respective owners
We are not responsible for comments posted by our users, as they are the property of the poster.
Our server runs on a P3 1.2GHz with 512MB RAM with no accelerators
Support GoPHP5.org
Interactive software released under GNU GPL, Code Credits, Privacy Policy