[VIM] FleXiBle Development Script Remote Command Exucetion And XSS Attacking

Steven M. Christey coley at mitre.org
Tue Apr 4 00:59:30 EDT 2006


botan at linuxmail has been posting a lot of barely-usable advisories,
including this one and the recent Warcraft III replay parser.  Anybody
with any ideas?

>FleXiBle Development (FXB)

Is this a web site, product, or service?  A Google search yields very
little information, except for the original Bugtraq post.  I cannot
find any information on this.

>Web: http://www.ahbruinsma.nl

As of April 3, you cannot read the front page.  The web site requires
authentication.


>require('php/messages.php');
>//require base-file
>//require_once('php/base.php');
>include_once "baseconfig.inc.php";

None of these statements use variables, or attacker-controlled input.


> http://www.site.com/[path]/evilcode.txt?&cmd=uname -a

It is difficult to see what kind of issue is being talked about here.

The use of a "cmd" parameter is consistent with exploits for file
inclusion, but based on the source code that was listed, there isn't
any way to control any variable.

Or maybe they mean that the site (or product) allows people to upload
files that contain PHP code, then access them later?

Or another kind of problem altogether?

Also, the title includes "XSS Attacking" but there aren't any examples
for where the XSS might be.


- Steve


More information about the VIM mailing list