[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LFI On SMF 1.1.3

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: LFI On SMF 1.1.3
From: jkloske@xxxxxxxxxxxxxx
Date: 18 Jul 2007 00:51:53 -0000

Let me preface this by saying I'm not a security expert, however considering 
that the above line is immediately preceeded by:

if (!isset($_REQUEST['action']) || !isset($actionArray[$_REQUEST['action']]))

...with a default action defined by either the theme or the the SMF software 
itself (causing the LFI statement to never be reached), and that $actionArray 
is statically defined beforehand; is this really an LFI vulnerability, or just 
something that looks like the LFI pattern on the surface?

Follow-Ups:
- Re: LFI On SMF 1.1.3
  - From: Cornelius Riemenschneider

Prev by Date: Clarifications on LedgerSMB vulnerability with Bugtraq ID:24940
Next by Date: ASA-2007-017: Remote Crash Vulnerability in STUN implementation
Previous by thread: LFI On SMF 1.1.3
Next by thread: Re: LFI On SMF 1.1.3
Index(es):
- Date
- Thread