Summary
This host is running TYPO3 and is prone to a local file inclusion vulnerability.
Impact
Successful exploitation could allow an attacker to obtain arbitrary local files in the context of an affected site.
Impact Level: Application
Solution
Upgrade to TYPO3 version 4.5.9, 4.6.2, or later.
For updates refer to http://typo3.org/download/packages/
Insight
The flaw is due to input passed to the 'BACK_PATH' parameter in 'typo3/sysext/workspaces/Classes/Controller/AbstractController.php' not being properly verified before it is used to include files.
Affected
TYPO3 version 4.5.x before 4.5.9, 4.6.x before 4.6.2 and development versions of 4.7
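A version-based affectedness check for the ranges listed above, added here as an example and not taken from the advisory or from TYPO3 itself; the host inventory it runs over is constructed for illustration.

```python
# Added example: classify TYPO3 version strings against the affected ranges
# stated in this advisory (4.5.x before 4.5.9, 4.6.x before 4.6.2, and
# development builds of 4.7) and report the upgrade target from the Solution.
import re

# Branch -> first fixed release, as given in the advisory.
FIXED = {(4, 5): (4, 5, 9), (4, 6): (4, 6, 2)}


def parse_version(text):
    """Parse '4.5.8', '4.6.2', '4.7.0alpha1' or '4.7-dev' into (nums, is_dev)."""
    m = re.match(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?\s*(.*)$", text)
    if not m:
        raise ValueError(f"unrecognised TYPO3 version: {text!r}")
    major, minor, patch, suffix = m.groups()
    nums = (int(major), int(minor), int(patch) if patch is not None else 0)
    # Pre-release markers mark a development build rather than a release.
    is_dev = bool(re.search(r"dev|alpha|beta|rc", suffix, re.I))
    return nums, is_dev


def is_affected(text):
    """True if the version falls inside one of the advisory's affected ranges."""
    nums, is_dev = parse_version(text)
    branch = nums[:2]
    if branch in FIXED:
        return nums < FIXED[branch]
    if branch == (4, 7):
        # The advisory lists only development versions of 4.7; a 4.7 release
        # is not named as affected, so only pre-release builds are flagged.
        return is_dev
    return False


def triage(inventory):
    """Return {host: upgrade target} for every host running an affected version."""
    todo = {}
    for host, version in inventory.items():
        if is_affected(version):
            branch = parse_version(version)[0][:2]
            fixed = FIXED.get(branch)
            todo[host] = ".".join(map(str, fixed)) if fixed else "4.6.2 or later"
    return todo


# Constructed sample inventory (hostnames and versions are illustrative only).
SAMPLE_INVENTORY = {
    "cms-a.example.test": "4.5.8",
    "cms-b.example.test": "4.5.9",
    "cms-c.example.test": "4.6.1",
    "cms-d.example.test": "4.7.0alpha1",
    "cms-e.example.test": "4.4.12",
}

if __name__ == "__main__":
    for host, target in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: affected, upgrade to {target}")
```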
Detection
Send a crafted HTTP GET request and check whether sensitive information can be retrieved.
References
CVE-2011-4614
Severity
CVSS Base Score: 6.8
CVSS Vector (v2): AV:N/AC:M/Au:N/C:P/I:P/A:P