File System Vulnerability For Magento

New FILE SYSTEM VULNERABILITY has been discovered in Magento that enables an attacker to execute arbitrary code on your magento server. Just create a file with .CSV extension, create writable directories, and change the permission of existing files to world writable(777). The issue affects all shipping versions of Magento Community Edition (CE) and Enterprise Edition (EE).

Operating system Versions affected are:

  • CentOS 5.x and 6.x.
  • RedHat Enterprise Linux 5.x and 6.x.

DETERMINING YOUR VULNERABILITY TO THE FILE SYSTEM ATTACK:
To confirm you are Vulnerable create a file named test.php.csv anywhere in your web server’s docroot with the following contents:

?php
phpinfo()

Display that page in a web browser. (For example, http://www.example.com/path/test.php.csv
If your browser saves the file or prompts you to save the file instead of displaying it, your server is not vulnerable.