[VIM] PBLang 4.60 <= (index.php) Remote File Include Vulnerability

George A. Theall theall at tenablesecurity.com
Fri Feb 16 12:37:02 EST 2007


This concerns the remote file include reported in PBLang here:

   http://www.securityfocus.com/archive/1/460315/30/0/threaded

The code in index.php starts with:

   require ('header.php');
   include("global.php");
   include($dbpath."/settings.php");

header.php just sets some http headers, starts a session, and other 
sorts of housekeeping; it doesn't reference $dbpath or include other files.

global.php doesn't exist out of the box but gets created as part of the 
install to initialize constants, including $dbpath. At least as created, 
it does not give a remote user any way to overwrite the setting for 
$dbpath or use it, even indirectly. So this report looks bogus to me.

Btw, the download link in the advisory leads to version 4.65 as part the 
enclosed docs/PBLang-update.txt (look at the bottom), not 4.60 as 
claimed in the posting.

George
-- 
theall at tenablesecurity.com


More information about the VIM mailing list