Multiple vulnerabilities have been identified in Lurker, which could be exploited by attackers to bypass security restrictions, disclose sensitive information, and execute arbitrary scripting code.

The first flaw is due to an input validation error in the "lurker.cgi" script that does not properly validate certain parameters, which could be exploited by remote attackers to read arbitrary files.

The second issue is due to an unspecified error which can be exploited by attackers to create or overwrite arbitrary files in any writable directory called "mbox".

The third vulnerability is due to unspecified input validation errors when handling certain variables, which could be exploited by attackers to cause malicious scripting code to be executed by the user's browser in the security context of an affected Web site.

Affected Products

Lurker versions 0.1a through 2.0

Solution

Upgrade to Lurker version 2.1 :
http://sourceforge.net/projects/lurker/

References

http://www.vupen.com/english/advisories/2006/0850
http://sourceforge.net/project/shownotes.php?release_id=399034&group_id=8168

Credits

Vulnerabilities reported by Moritz Naumann

Changelog

2006-03-06 : Initial release

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.