[VIM] CVE-2006-7184 / OSVDB 33999 (Exhibit Engine)
George A. Theall
theall at tenablesecurity.com
Mon Jan 5 00:59:57 UTC 2009
On Jan 3, 2009, at 2:40 AM, security curmudgeon wrote:
> CVE shows provenance unknown. I noticed that CVE/osvdb say
> "fstyles.php" and "fetchsettings.php" are vulnerable. Nessus plugin
> 23640 shows "styles.php" and I presume the author (not Tenable)
> tested the script.
I grabbed the source for version 1.22 when Justin wrote the Nessus
plugin. The distribution tarball contains 'fetchsettings.php' and a
'styles.php' but no 'fstyles.php'.
I also have the source for the earlier 1.5 RC4 -- that contains
'fetchsettings.php' but not 'styles.php' or 'fstyles.php'.
George
--
theall at tenablesecurity.com
More information about the VIM
mailing list