Re: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit
From: "Carsten Eilers" <ceilers-lists@xxxxxx>
Date: Fri, 8 Sep 2006 08:57:22 +0200
In-reply-to: <200609080114.k881EToo005106@xxxxxxxxxxxxxxxxx>
References: <200609080114.k881EToo005106@xxxxxxxxxxxxxxxxx>

Hi Frank,

Frank Reißner schrieb am Fri, 8 Sep 2006 03:14:15 +0200:

>You can bypass unset in php < 4.4.4 and < 5.14. :)   

Yes. But that's a vulnerability in PHP, not in
whatever script make use of it.

Regards
  Carsten

-- 
Dipl.-Inform. Carsten Eilers
IT-Sicherheit und Datenschutz

<http://www.ceilers-it.de>

References:
- AW: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit
  - From: Frank Reißner

Prev by Date: Re: RSA SecurID SID800 Token vulnerable by design
Next by Date: XHP CMS v0.5.1 Vuls Xss and Full path vuls
Previous by thread: AW: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit
Next by thread: FreeBSD Security Advisory FreeBSD-SA-06:19.openssl
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux