[VIM] Help Center Live

George A. Theall theall at tenablesecurity.com
Wed Aug 2 11:58:55 EDT 2006

I don't know if anyone's looked into this yet, but the flaw in Help
Center Live reported by Dr. Google (see BID 19256) is a local file
include flaw, not just a directory traversal. It is also closely related
to an earlier flaw, covered by BID 15404. To fix that issue, the code in
'templates/*/module.tpl' was changed from:


to this:

  if (!strpos($_GET['file'], '..')) {

Trouble is, strpos() returns 0 if 'file' starts with ".." so the code
change only partially resolved the earlier issue.

theall at tenablesecurity.com

More information about the VIM mailing list