Bugtraq mailing list archives
Re: Fwd: Re: phpnuke, security problem...
From: "Thomas J. Stensas" <ShadowMaster () SHADOW-REALM ORG>
Date: Tue, 13 Feb 2001 11:37:58 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Greets.

This problem is known and fixed by the author, and a patched opendir.php file has been made available for download from the phpnuke home site.

phpnuke home: http://www.phpnuke.org/
Patched opendir.php: http://www.phpnuke.org/download.php?op=mydown&did=64

- --
Yours Sincerely
Thomas Juberg Stensas
(ShadowMaster/HAMLET @ IRC)

-----Original Message-----
From: Bugtraq List [mailto:BUGTRAQ () SECURITYFOCUS COM] On Behalf Of Peter van Dijk
Sent: Monday, February 12, 2001 9:04 PM
To: BUGTRAQ () SECURITYFOCUS COM
Subject: Re: Fwd: Re: phpnuke, security problem...

On Mon, Feb 12, 2001 at 11:07:15AM -0000, Joao Gouveia wrote:
[snip]

Example: http://www.phpnuke.org/opendir.php?requesturl=/etc/passwd

You can actually insert any URL instead of "/etc/passwd" and have it read. Depending on the server's configuration, this could be abused to execute PHP code, probably, and from that, any UNIX shell command.

The author obviously doesn't care about security.

Greetz, Peter.

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOokAddmibtokx6KuEQKuZwCgrauPSZwlwRo657YRoHUATjAQEtQAoMIW
JVHbb1Rt3IU/ZPKVhYdmuwTM
=meWh
-----END PGP SIGNATURE-----
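
The thread describes a script that reads whatever the `requesturl` parameter names. The following is an added example, not the phpnuke patch and not code from any poster in this thread, showing one way to confine such a parameter to a single directory; `DOC_ROOT` and `resolve_inside()` are hypothetical names, and it assumes the script is only meant to serve files from that one directory.

```php
<?php
// Added example, not phpnuke code. Assumption: only files under DOC_ROOT
// (a hypothetical path) should ever be readable through this script.
const DOC_ROOT = '/var/www/nuke/docs';

/**
 * Resolve a user-supplied name to an existing file inside $base.
 * Returns the canonical path, or null if the name points anywhere else.
 */
function resolve_inside(string $base, string $requested): ?string
{
    // Reject URL wrappers (http://, ftp://, php://, ...) and NUL bytes outright.
    if (preg_match('#^[a-z][a-z0-9+.-]*://#i', $requested)
        || strpos($requested, "\0") !== false) {
        return null;
    }
    $baseReal = realpath($base);
    if ($baseReal === false) {
        return null;
    }
    // realpath() collapses ../ and follows symlinks; false if nothing exists there.
    $target = realpath($baseReal . DIRECTORY_SEPARATOR . $requested);
    if ($target === false || !is_file($target)) {
        return null;
    }
    // Compare with a trailing separator so a sibling such as "docs-old" cannot match.
    $prefix = rtrim($baseReal, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $target;
}

$requested = $_GET['requesturl'] ?? '';
$path = is_string($requested) ? resolve_inside(DOC_ROOT, $requested) : null;
if ($path === null) {
    // Same answer for "outside the directory" and "does not exist".
    http_response_code(404);
    exit('Not found');
}
header('Content-Type: text/plain; charset=utf-8');
readfile($path); // sends the bytes as-is; never include() a user-chosen path
```

With this check, a request for `/etc/passwd` or `../../../etc/passwd` gets the 404 branch, because the canonical path either does not exist under `DOC_ROOT` or fails the prefix comparison.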
Current thread:
- Fwd: Re: phpnuke, security problem... Joao Gouveia (Feb 12)
- Re: Fwd: Re: phpnuke, security problem... Peter van Dijk (Feb 12)
- Re: Fwd: Re: phpnuke, security problem... Thomas J. Stensas (Feb 13)
- Re: Fwd: Re: phpnuke, security problem... sam mulvey (Feb 13)
- Re: Fwd: Re: phpnuke, security problem... Peter van Dijk (Feb 12)