CVE-2008-4181

23.09.2008, 15:25

Directory traversal vulnerability in includes/xml.php in the Netenberg Fantastico De Luxe module before 2.10.4 r19 for cPanel, when cPanel PHP Register Globals is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) or absolute pathname in the fantasticopath parameter.  NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.

Path Traversal

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	6.8 UNKNOWN	NETWORK	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 86%

Vendor	Product	Version
netenberg	fantastico_de_luxe	𝑥 ≤ 2.8.2
netenberg	fantastico_de_luxe	𝑥 ≤ 2.8.8
netenberg	fantastico_de_luxe	𝑥 ≤ 2.10.0
netenberg	fantastico_de_luxe	𝑥 ≤ 2.10.0
netenberg	fantastico_de_luxe	𝑥 ≤ 2.10.2
netenberg	fantastico_de_luxe	𝑥 ≤ 2.10.4
netenberg	fantastico_de_luxe	2.8.2:r1
netenberg	fantastico_de_luxe	2.8.2:r10
netenberg	fantastico_de_luxe	2.8.2:r11
netenberg	fantastico_de_luxe	2.8.2:r2
netenberg	fantastico_de_luxe	2.8.2:r3
netenberg	fantastico_de_luxe	2.8.2:r4
netenberg	fantastico_de_luxe	2.8.2:r5
netenberg	fantastico_de_luxe	2.8.2:r6
netenberg	fantastico_de_luxe	2.8.2:r7
netenberg	fantastico_de_luxe	2.8.2:r8
netenberg	fantastico_de_luxe	2.8.2:r9
netenberg	fantastico_de_luxe	2.8.4:r1
netenberg	fantastico_de_luxe	2.8.4:r2
netenberg	fantastico_de_luxe	2.8.4:r3
netenberg	fantastico_de_luxe	2.8.4:r4
netenberg	fantastico_de_luxe	2.8.4:r5
netenberg	fantastico_de_luxe	2.8.4:r6
netenberg	fantastico_de_luxe	2.8.4:r7
netenberg	fantastico_de_luxe	2.8.6:r1
netenberg	fantastico_de_luxe	2.8.6:r2
netenberg	fantastico_de_luxe	2.8.6:r3
netenberg	fantastico_de_luxe	2.8.8:r1
netenberg	fantastico_de_luxe	2.8.8:r10
netenberg	fantastico_de_luxe	2.8.8:r2
netenberg	fantastico_de_luxe	2.8.8:r3
netenberg	fantastico_de_luxe	2.8.8:r4
netenberg	fantastico_de_luxe	2.8.8:r5
netenberg	fantastico_de_luxe	2.8.8:r6
netenberg	fantastico_de_luxe	2.8.8:r7
netenberg	fantastico_de_luxe	2.8.8:r8
netenberg	fantastico_de_luxe	2.8.8:r9
netenberg	fantastico_de_luxe	2.8.r1:r1
netenberg	fantastico_de_luxe	2.8.r2:r2
netenberg	fantastico_de_luxe	2.8.r3:r3
netenberg	fantastico_de_luxe	2.8.r4:r4
netenberg	fantastico_de_luxe	2.8.r5:r5
netenberg	fantastico_de_luxe	2.8.r6:r6
netenberg	fantastico_de_luxe	2.8.r7:r7
netenberg	fantastico_de_luxe	2.8.r8:r8
netenberg	fantastico_de_luxe	2.8.r9:r9
netenberg	fantastico_de_luxe	2.8.r10:r10
netenberg	fantastico_de_luxe	2.8.r11:r11
netenberg	fantastico_de_luxe	2.8.r12:r12
netenberg	fantastico_de_luxe	2.8.r13:r13
netenberg	fantastico_de_luxe	2.8.r14:r14
netenberg	fantastico_de_luxe	2.8.r15:r15
netenberg	fantastico_de_luxe	2.8.r16:r16
netenberg	fantastico_de_luxe	2.8.r17:r17
netenberg	fantastico_de_luxe	2.8.r18:r18
netenberg	fantastico_de_luxe	2.8.r19:r19
netenberg	fantastico_de_luxe	2.10.0:r1
netenberg	fantastico_de_luxe	2.10.0:r10
netenberg	fantastico_de_luxe	2.10.0:r11
netenberg	fantastico_de_luxe	2.10.0:r12
netenberg	fantastico_de_luxe	2.10.0:r13
netenberg	fantastico_de_luxe	2.10.0:r14
netenberg	fantastico_de_luxe	2.10.0:r15
netenberg	fantastico_de_luxe	2.10.0:r16
netenberg	fantastico_de_luxe	2.10.0:r2
netenberg	fantastico_de_luxe	2.10.0:r3
netenberg	fantastico_de_luxe	2.10.0:r4
netenberg	fantastico_de_luxe	2.10.0:r5
netenberg	fantastico_de_luxe	2.10.0:r6
netenberg	fantastico_de_luxe	2.10.0:r7
netenberg	fantastico_de_luxe	2.10.0:r9
netenberg	fantastico_de_luxe	2.10.2:r1
netenberg	fantastico_de_luxe	2.10.2:r10
netenberg	fantastico_de_luxe	2.10.2:r11
netenberg	fantastico_de_luxe	2.10.2:r12
netenberg	fantastico_de_luxe	2.10.2:r13
netenberg	fantastico_de_luxe	2.10.2:r14
netenberg	fantastico_de_luxe	2.10.2:r15
netenberg	fantastico_de_luxe	2.10.2:r16
netenberg	fantastico_de_luxe	2.10.2:r17
netenberg	fantastico_de_luxe	2.10.2:r18
netenberg	fantastico_de_luxe	2.10.2:r19
netenberg	fantastico_de_luxe	2.10.2:r2
netenberg	fantastico_de_luxe	2.10.2:r20
netenberg	fantastico_de_luxe	2.10.2:r21
netenberg	fantastico_de_luxe	2.10.2:r22
netenberg	fantastico_de_luxe	2.10.2:r23
netenberg	fantastico_de_luxe	2.10.2:r24
netenberg	fantastico_de_luxe	2.10.2:r25
netenberg	fantastico_de_luxe	2.10.2:r26
netenberg	fantastico_de_luxe	2.10.2:r27
netenberg	fantastico_de_luxe	2.10.2:r28
netenberg	fantastico_de_luxe	2.10.2:r29
netenberg	fantastico_de_luxe	2.10.2:r3
netenberg	fantastico_de_luxe	2.10.2:r30
netenberg	fantastico_de_luxe	2.10.2:r31
netenberg	fantastico_de_luxe	2.10.2:r32
netenberg	fantastico_de_luxe	2.10.2:r33
netenberg	fantastico_de_luxe	2.10.2:r34
netenberg	fantastico_de_luxe	2.10.2:r35
netenberg	fantastico_de_luxe	2.10.2:r36
netenberg	fantastico_de_luxe	2.10.2:r37
netenberg	fantastico_de_luxe	2.10.2:r38
netenberg	fantastico_de_luxe	2.10.2:r39
netenberg	fantastico_de_luxe	2.10.2:r4
netenberg	fantastico_de_luxe	2.10.2:r40
netenberg	fantastico_de_luxe	2.10.2:r41
netenberg	fantastico_de_luxe	2.10.2:r42
netenberg	fantastico_de_luxe	2.10.2:r43
netenberg	fantastico_de_luxe	2.10.2:r44
netenberg	fantastico_de_luxe	2.10.2:r45
netenberg	fantastico_de_luxe	2.10.2:r5
netenberg	fantastico_de_luxe	2.10.2:r6
netenberg	fantastico_de_luxe	2.10.2:r7
netenberg	fantastico_de_luxe	2.10.2:r8
netenberg	fantastico_de_luxe	2.10.2:r9
netenberg	fantastico_de_luxe	2.10.4:r1
netenberg	fantastico_de_luxe	2.10.4:r10
netenberg	fantastico_de_luxe	2.10.4:r11
netenberg	fantastico_de_luxe	2.10.4:r12
netenberg	fantastico_de_luxe	2.10.4:r13
netenberg	fantastico_de_luxe	2.10.4:r14
netenberg	fantastico_de_luxe	2.10.4:r15
netenberg	fantastico_de_luxe	2.10.4:r16
netenberg	fantastico_de_luxe	2.10.4:r17
netenberg	fantastico_de_luxe	2.10.4:r2
netenberg	fantastico_de_luxe	2.10.4:r3
netenberg	fantastico_de_luxe	2.10.4:r4
netenberg	fantastico_de_luxe	2.10.4:r5
netenberg	fantastico_de_luxe	2.10.4:r6
netenberg	fantastico_de_luxe	2.10.4:r7
netenberg	fantastico_de_luxe	2.10.4:r8
netenberg	fantastico_de_luxe	2.10.4:r9

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References

http://secunia.com/advisories/31863

http://securityreason.com/securityalert/4301

http://www.netenberg.com/forum/index.php?topic=6768.0

http://www.securityfocus.com/bid/31196

https://exchange.xforce.ibmcloud.com/vulnerabilities/45147

https://www.exploit-db.com/exploits/6461

http://secunia.com/advisories/31863

http://securityreason.com/securityalert/4301

http://www.netenberg.com/forum/index.php?topic=6768.0

http://www.securityfocus.com/bid/31196

https://exchange.xforce.ibmcloud.com/vulnerabilities/45147

https://www.exploit-db.com/exploits/6461