Bugtraq mailing list archives

Re: (SRADV00001) Arbitrary file disclosure through PHP file upload


From: Brian Smith <avalon73 () ARTHURIAN NU>
Date: Mon, 4 Sep 2000 13:54:55 -0400

A couple things I see with this:

1) Wouldn't the same problem also exist if you turned register_globals off
   and used the HTTP request value arrays?

2) It's not always a problem... it all depends on what you do with the
   uploaded file.  I recently did a file upload form that merely emails
   the file as an attachment to a fixed address (for manual processing
   later)... nobody trying to exploit the script in the way that you're
   suggesting can get anything out of the script that way.

----------------------------------------------------------------------
Brian Smith  //  avalon73 () earthling net  //  http://www.arthurian.nu/
Software Developer  //  Gamer  //  Webmaster  //  System Administrator
Echelon Teasers: NSA CIA FBI Mossad MI5 Cocaine Cuba Revolution Espionage
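An added example, not part of Brian Smith's message or of the advisory he is replying to, showing the handling that avoids this class of bug whichever way the upload data arrives: take the file from the request array rather than a bare variable, and act only on a path that PHP confirms was created by this request's upload. The field name `userfile` and the destination directory are placeholders.

```php
<?php
// Added example (not from the original thread). Assumes the request array
// $_FILES (called $HTTP_POST_FILES in PHP 4 of the time), a form field named
// "userfile" and a writable destination directory; all three are placeholders.

function save_upload(array $files, string $field, string $dest_dir): ?string
{
    // Only trust the metadata PHP populated for a real multipart upload, never a
    // plain variable such as $userfile that a client can set with register_globals.
    if (!isset($files[$field]) || !is_array($files[$field])) {
        return null;
    }
    $f = $files[$field];
    if (($f['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return null;
    }
    $tmp = $f['tmp_name'];
    // is_uploaded_file() accepts only the temporary file PHP wrote for this
    // request, so a client-chosen local path such as /etc/passwd is refused here.
    if (!is_uploaded_file($tmp)) {
        return null;
    }
    // Derive the stored name from the client name, keep a safe character subset
    // and drop any directory component the client may have sent.
    $name = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($f['name']));
    if ($name === '' || $name === '.' || $name === '..') {
        $name = 'upload';
    }
    $dest = rtrim($dest_dir, '/') . '/' . uniqid('', true) . '_' . $name;
    // move_uploaded_file() repeats the is_uploaded_file() check before moving, so
    // a bare copy() of an attacker-supplied path never happens.
    if (!move_uploaded_file($tmp, $dest)) {
        return null;
    }
    return $dest;
}

$saved = save_upload($_FILES, 'userfile', '/var/app/uploads');
if ($saved === null) {
    http_response_code(400);
    echo "No acceptable upload.";
} else {
    echo "Stored.";
}
```

The same is_uploaded_file() check belongs in front of any other use of the temporary path, including reading it into a mail attachment as in the second point above.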

