osCMax Security Update - Arbitrary Upload Exploit

A security hole was found in osCMax 2.0 RC 3.0.1 that allows a remote attacker to upload files to your site via a browser.

 

This is a high risk vulnerability, and as such we have released osCMax 2.0 RC 3.0.2 which no longer is vulnerable to this type of exploit. In addition, the vulnerable files have been removed from the SVN repository, for all branches (RC3, RC4).

No new files or code has been added to the package, but several files have been removed. To manually patch your site, simply delete the following files/folders from your osCMax install:

 

/catalog/FCKeditor/editor/filemanager/browser/default/connectors/asp/
/catalog/FCKeditor/editor/filemanager/browser/default/connectors/aspx/
/catalog/FCKeditor/editor/filemanager/browser/default/connectors/cfm/
/catalog/FCKeditor/editor/filemanager/browser/default/connectors/perl/
/catalog/FCKeditor/editor/filemanager/browser/default/connectors/test.html

Removing the above files/folders closes the security hole.

User List