[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit

To: Frank Reißner <mail@xxxxxxxxxxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Re: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit
From: "Carsten Eilers" <ceilers-lists@xxxxxx>
Date: Fri, 8 Sep 2006 08:57:22 +0200

Hi Frank,

Frank Reißner schrieb am Fri, 8 Sep 2006 03:14:15 +0200:

>You can bypass unset in php < 4.4.4 and < 5.14. :)   

Yes. But that's a vulnerability in PHP, not in
whatever script make use of it.

Regards
  Carsten

-- 
Dipl.-Inform. Carsten Eilers
IT-Sicherheit und Datenschutz

<http://www.ceilers-it.de>

References:
- AW: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit
  - From: Frank Reißner

Prev by Date: MagpieRSS (a simple RSS integration tool) Full path vul
Next by Date: R: Linux kernel source archive vulnerable
Previous by thread: AW: WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit
Next by thread: FreeBSD Security Advisory FreeBSD-SA-06:19.openssl
Index(es):
- Date
- Thread