[VIM] FALSE -> 2bgal RFI
Heinbockel, Bill
heinbockel at mitre.org
Fri Apr 27 14:14:51 UTC 2007
Another dispute of Born To K!LL:
BUGTRAQ:20070331 2BGal 3.1.1 <= (admin/index.php) Remote File Include
Vulnerability
http://marc.info/?l=bugtraq&m=117552845904509&w=2
CVE-2007-1852
The lang_filename parameter is defined the line above where it
is used in both index.php and backupdb.inc.php.
In admin/index.php (line 73-74):
> $lang_filename = "lang/".$lang."/index.inc.php";
> require($lang_filename);
*****************************************************************
In admin/backupdb.inc.php:
line 17-18:
> //securite #1 : pas d'appel direct du fichier
> if (!defined('STAYONINCLUDE')) {exit;}
line 28-29:
> $lang_filename = "lang/".$lang."/backupdb.inc.php";
> require($lang_filename);
William Heinbockel
Infosec Engineer, Sr.
The MITRE Corporation
202 Burlington Rd. MS S145
Bedford, MA 01730
heinbockel at mitre.org
781-271-2615
More information about the VIM
mailing list