Bugtraq mailing list archives
Re: phptonuke allows Remote File Retrieving
From: BlueRaven <blueraven () libero it>
Date: Thu, 17 Oct 2002 09:35:52 +0200
On Thu, Oct 17, 2002 at 05:50:10AM +0800, Zero-X ScriptKiddy wrote:
> The file "phptonuke.php" from myphpnuke allows Remote File Retrieving.
> Exploit Example: http://website.com/phptonuke.php?filnavn=/etc/passwd

This is not really a specific vulnerability in the application, but a more general PHP feature: by default, it is possible to open any world-readable file. You can override this by using the open_basedir setting in php.ini and restricting file operations to a specified subset of paths.

--
BlueRaven
There are only 10 types of people in this world... those who understand binary, and those who don't.
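As an added example (not part of the original post, and not myphpnuke or PHP code): a small Python check that reads php.ini text, extracts the effective `open_basedir` value and reports whether a path such as `/etc/passwd` would fall inside it. It assumes a Unix-style colon-separated list and models each entry as a directory without resolving symlinks the way PHP does; the ini fragments and function names are constructed for illustration.

```python
import posixpath

# Constructed php.ini fragments (not taken from any real server).
DEFAULT_INI = """\
[PHP]
; open_basedir =
"""
HARDENED_INI = """\
[PHP]
open_basedir = "/var/www/html/:/tmp/php-uploads/"
"""


def effective_open_basedir(ini_text):
    """Return the allowed directories, or [] when file access is unrestricted."""
    value = ""
    for raw in ini_text.splitlines():
        line = raw.strip()
        # Skip blanks, ';' comments and [section] headers.
        if not line or line.startswith((";", "[")) or "=" not in line:
            continue
        key, _, val = line.partition("=")
        if key.strip() != "open_basedir":  # directive names are case sensitive
            continue
        val = val.strip()
        if val[:1] in ('"', "'"):
            val = val[1:].split(val[0], 1)[0]   # text inside the quotes
        else:
            val = val.split(";", 1)[0].strip()  # drop a trailing comment
        value = val  # the last assignment in the file wins
    return [posixpath.normpath(p) for p in value.split(":") if p]


def is_allowed(path, allowed_dirs):
    """Model the check: the normalized path must sit inside an allowed directory."""
    if not allowed_dirs:
        return True  # directive unset: any file the PHP user can read is reachable
    target = posixpath.normpath(path)  # collapses "../" sequences
    return any(
        target == d or target.startswith(d.rstrip("/") + "/")
        for d in allowed_dirs
    )


def audit(ini_text, probes):
    """Map each probe path to True (reachable) or False (blocked)."""
    allowed = effective_open_basedir(ini_text)
    return {p: is_allowed(p, allowed) for p in probes}
```

Running `audit()` with `/etc/passwd` as a probe against a server's real php.ini gives a quick yes/no on whether the directive is actually in effect for that configuration file.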
Current thread:
- phptonuke allows Remote File Retrieving Zero-X ScriptKiddy (Oct 16)
- Re: phptonuke allows Remote File Retrieving BlueRaven (Oct 17)