CVE-2004-1937

Name of the Vulnerable Software and Affected Versions Nuked-KlaN versions 1.4b through 1.5b

Description The issue allows remote attackers to read or include arbitrary files via .. sequences in the user langue parameter to "index.php" or the langue parameter to "update.php". It also enables modification of arbitrary GLOBAL variables by causing "globals.php" to be loaded before "conf.inc.php" via .. sequences in the file parameter with the page parameter set to "globals", or "../globals.php" in the user langue parameter. This can be demonstrated by modifying the $nuked[prefix] variable in the Suggest module.

Recommendations For Nuked-KlaN versions 1.4b through 1.5b, consider disabling the user langue and langue parameters in the "index.php" and "update.php" files, respectively, until a patch is available. Restrict access to the "globals.php" file to minimize the risk of exploitation. Avoid using the file parameter with the page parameter set to "globals" in vulnerable versions.