Re: DotClear Full Path Disclosure Vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: DotClear Full Path Disclosure Vulnerability
From: Gmail account <god.ate.my.homework@xxxxxxxxx>
Date: Tue, 13 Feb 2007 20:57:00 +0200
Cc: Raphaël HUCK <raphael.huck@xxxxxxx>, bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <1171357839.28815.43.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
References: <20070211232018.7799.qmail@xxxxxxxxxxxxxxxxx> <1171315726.4771.15.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <45D0E15A.5000201@xxxxxxx> <1171345651.4771.20.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <45D169EA.5080508@xxxxxxx> <1171357839.28815.43.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla Thunderbird 1.5.0.9 (Windows/20061207)

Well the ideal situation for incuding files is when your root is notyout webroot.But if you dont have this you can make a workaround by placing every phpfile that is not directy called (but included) into a folder and placein it an .htaccess file with a deny from all command so it would not beaccesible from anyone through a browser.

Follow-Ups:
- Re: DotClear Full Path Disclosure Vulnerability
  - From: Cedric Blancher
- Re: DotClear Full Path Disclosure Vulnerability
  - From: Raphaël HUCK

References:
- DotClear Full Path Disclosure Vulnerability
  - From: raphael . huck
- Re: DotClear Full Path Disclosure Vulnerability
  - From: Cedric Blancher
- Re: DotClear Full Path Disclosure Vulnerability
  - From: Raphaël HUCK
- Re: DotClear Full Path Disclosure Vulnerability
  - From: Cedric Blancher
- Re: DotClear Full Path Disclosure Vulnerability
  - From: Raphaël HUCK
- Re: DotClear Full Path Disclosure Vulnerability
  - From: Cedric Blancher

Prev by Date: Re: Denial Of Service in Internet Explorer for MS Windows Mobile 5.0
Next by Date: Re: Solaris telnet vulnberability - how many on your network?
Previous by thread: Re: DotClear Full Path Disclosure Vulnerability
Next by thread: Re: DotClear Full Path Disclosure Vulnerability
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]