Bugtraq mailing list archives
Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc.
From: "Steven M. Christey" <coley () mitre org>
Date: Fri, 2 Jun 2006 16:23:40 -0400 (EDT)
include("../../../mainfile.php"); include($phpbb_root_path.'common.'.$phpEx); ... in mainfile.php at lines 54-56 ... import_request_variables('GPC');
Oh, OK - now that makes sense. This looks like one aspect of the "globals overwrite" problem as originally documented by Stefan Esser in the article "$GLOBALS Overwrite and it's Consequences" http://www.hardened-php.net/index.76.html The article mentions extract() as well, and the behavior differs between PHP4 and PHP5. With respect to variables that seem to be cleansed - I've seen this odd behavior once or twice before, but I don't remember the specifics and can't dig up the Bugtraq post :-( - Steve
Current thread:
- Re: # MHG Security Team --- PHP NUKE All version Remote File Inc. rgod (Jun 01)
- <Possible follow-ups>
- Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc. nukedx (Jun 02)
- Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc. Steven M. Christey (Jun 02)