CVE-2006-5167

Name of the Vulnerable Software and Affected Versions BasiliX versions 1.1.1 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the BSX LIBDIR parameter in various scripts, including "abook.php3", "compose-attach.php3", "compose-menu.php3", "compose-new.php3", "compose-send.php3", "folder-create.php3", "folder-delete.php3", "folder-empty.php3", "folder-rename.php3", "folders.php3", "mbox-action.php3", "mbox-list.php3", "message-delete.php3", "message-forward.php3", "message-header.php3", "message-print.php3", "message-read.php3", "message-reply.php3", "message-replyall.php3", "message-search.php3", and "settings.php3". Additionally, the BSX HTXDIR parameter in "files/login.php3" is vulnerable.

Recommendations For BasiliX versions 1.1.1 and earlier, consider disabling the BSX LIBDIR and BSX HTXDIR parameters in the affected scripts until a patch is available. Restrict access to the vulnerable scripts to minimize the risk of exploitation. Avoid using the BSX LIBDIR and BSX HTXDIR parameters in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.