[VIM] # MHG Security Team ---Rumble 1.02 version Remote File Inc.
George A. Theall
theall at tenablesecurity.com
Mon Jun 5 15:58:44 EDT 2006
FWIW, MHG Security Team recently published an advisory on Bugtraq about
a product named "Rumble", but they failed to provide a link to the
vendor or mention anything else about it.
Well, in case anyone's interested, the product seems to be this:
http://dev.lophty.com/rumble/
which is also available here:
http://www.getfreesofts.com/script/869/157/RUMBLE.html
And maybe I've just been staring at things too much today, but I fail to
see how this is a flaw as it is currently written - the script
initializes the array at the start and only sets variables, never
calling another PHP script.
George
--
theall at tenablesecurity.com
More information about the VIM
mailing list