[VIM] weird: YaPig 0.95b RFI on milw0rm

Steven M. Christey coley at mitre.org
Thu May 3 22:58:51 UTC 2007


str0ke,

milw0rm 3834 doesn't seem to be an exploit, it's just a verbatim copy
of the file add_comment.php, as I obtained from yapig 0.95b download
at http://sourceforge.net/project/showfiles.php?group_id=93674

Surface-level analysis might indicate file overwriting or RFI related
to BASE_DIR or TEMPLATE_DIR, but those variables are defined to
constant values in config.php.

Any clarification?

- Steve

