Re: twlc advisory: all versions of php nuke are vulnerable...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: bugtraq@securityfocus.com
Subject: Re: twlc advisory: all versions of php nuke are vulnerable...
From: Bernd Schnitzer <bernd.schnitzer@gmx.net>
Date: Sun, 07 Oct 2001 02:05:20 +0200

>Alternative "quickfix"; change
>   "if($upload) {" to
>   "if (($upload) && ($admintest)) {"

To fix the $file/$file_name bug in admin.php, change the line
"if ((isset($file)) AND ($file != "none")) {"
to
"if ((isset($file)) AND ($file != "none") AND ($admintest)) {"

/B.S.

Prev by Date: FW: [advisory] SSRT0767u Potential rpc.ttdbserverd buffer overflow
Next by Date: OS X 10.1 and localized desktop folder still vulnerable
Previous by thread: Re: twlc advisory: all versions of php nuke are vulnerable...
Next by thread: Re: twlc advisory: all versions of php nuke are vulnerable...
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux