[VIM] [false-report] [saw_xyz at yahoo.com: wwwpaintboar(newsfile) Remote File Inclusion Vulnerability] (fwd)

rkeith at securityfocus.com
Fri Mar 9 15:54:40 UTC 2007


The vendor page and the product name don't exist (according to Google). Changing 
it to wwwpaintboard (adding a D) however does reveal a product. That software 
also has the reported script and parameter. But, the script also calls a 
config.php file which clearly defines the parameter.

http://obiewebsite.sourceforge.net/obie.php?WWW_Paint_Board

So, presuming that is the correct software, it is a false report.
--
Rob Keith
Symantec


----- Forwarded message from saw_xyz at yahoo.com -----

From: saw_xyz at yahoo.com
Subject: wwwpaintboar(newsfile) Remote File Inclusion Vulnerability
To: bugtraq at securityfocus.com
Date: 9 Mar 2007 10:43:48 -0000
X-Mailer: MIME-tools 5.411 (Entity 5.404)
Message-ID: <20070309104348.24662.qmail at securityfocus.com>

> wwwpaintboar(newsfile) Remote File Inclusion Vulnerability
> -----------------------------------------------------------
> Version : 1.0
> Website URL: http://phpforge.oirac.com/
> -----------------------------------------------------------
> Discovered by saw_xyz (sasan)
> [XIII Security Researcher]
> Gr33tZ t0 :Snake
> My Home : www.saw13.com
> fuck ahsyane st an davood [ashy member]
> -----------------------------------------------------------
> Vulnerable codeZ is in editor.php
> in line 261 :
> <? include "$newsfile"; ?>
> -----------------------------------------------------------
> Ex:
> http://127.0.0.1/%5bpatch%5d/editor.php?newsfile=%5bevil script]

----- End forwarded message -----

-- 
Dave McKinney
Symantec

keyID: BF919DD7
key fingerprint = 494D 6B7D 4611 7A7A 5DBB  3B29 4D89 3A70 BF91 9DD7
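
The check described in the reply above (is the included variable already set by a file the script pulls in first?), as an added example that is not part of the original thread. The PHP sources are constructed stand-ins, not the real WWW Paint Board files, and the function names are hypothetical; the scan is a line-based heuristic that ignores conditionals and functions.

```python
import re

# Constructed sample sources: they only mirror the shape discussed in the thread.
SAMPLE_TREE = {
    "editor.php": '<?php\nrequire "config.php";\n?>\n<html>\n<? include "$newsfile"; ?>\n',
    "config.php": '<?php\n$newsfile = "news.txt";\n?>\n',
    "bare.php": '<? include "$newsfile"; ?>\n',
    "tainted.php": '<?php\n$newsfile = $_GET["newsfile"];\ninclude "$newsfile";\n',
}

INC = r'\b(?:include|require)(?:_once)?\s*\(?\s*'
INCLUDE_VAR = re.compile(INC + r'"?\$(\w+)')              # include "$var"
INCLUDE_LIT = re.compile(INC + r'["\']([\w./-]+)["\']')   # include "file.php"
ASSIGN = re.compile(r'^\s*\$(\w+)\s*=[^=]')               # $var = ...
TAINT = re.compile(r'\$_(?:GET|POST|REQUEST|COOKIE)\b')   # request-derived value


def walk(name, tree, defined, findings, stack=()):
    """Follow execution order through literal includes, tracking set variables."""
    if name in stack or name not in tree:
        return
    for lineno, line in enumerate(tree[name].splitlines(), 1):
        m = ASSIGN.match(line)
        if m:
            # An assignment overwrites whatever the request supplied, unless
            # the new value itself comes from the request.
            if TAINT.search(line):
                defined.discard(m.group(1))
            else:
                defined.add(m.group(1))
            continue
        m = INCLUDE_LIT.search(line)
        if m:
            walk(m.group(1), tree, defined, findings, stack + (name,))
            continue
        m = INCLUDE_VAR.search(line)
        if m:
            findings.append((name, lineno, m.group(1), m.group(1) in defined))


def triage(entry, tree):
    """Return (file, line, variable, set_before_include) for each variable include."""
    findings = []
    walk(entry, tree, set(), findings)
    return findings


if __name__ == "__main__":
    for entry in ("editor.php", "bare.php", "tainted.php"):
        print(entry, triage(entry, SAMPLE_TREE))
```

A final `True` means the variable was assigned from non-request data before the include, which is the situation the reply reports; `False` means the include still needs manual review.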

