My name is Manh Tuan. I'm the leader of J2TEAM, the team behind J2TEAM Security, J2TEAM Cookies, Death Click and J2TEAM Community.
- Title: FCKEditor 2.6.8 ASP Version File Upload Protection bypass
- Credit goes to: Mostafa Azizi, Soroush Dalili
There is no validation on the extensions when FCKEditor 2.6.8 ASP version is
dealing with the duplicate files. As a result, it is possible to bypass
the protection and upload a file with any extension.
- Reference: http://soroush.secproject.com/blog/2012/11/file-in-the-hole/
- Solution: Please check the provided reference or the vendor website.
Note: Quick patch for FCKEditor 2.6.8 File Upload Bypass:
In “config.asp”, wherever you have:
ConfigAllowedExtensions.Add “File”,”Extensions Here”
Change it to:
ConfigAllowedExtensions.Add “File”,”^(Extensions Here)$”