lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 28 Apr 2004 11:03:26 +0200
From: BlueRaven <blue@...enconsulting.it>
To: bugtraq@...urityfocus.com
Subject: Re: phpBB 2.0.8a and lower - IP spoofing vulnerability


On Wed, Apr 21, 2004 at 09:10:55AM +0800, Xin LI wrote:

Hi Xin, I think there's an error in your patch:

> -		if ( !$db->sql_query($sql) )
> +		if ( $user_id != ANONYMOUS && !$db->sql_query($sql) )

This does NOT prevent execution of the query, only effects output of the
message:

>  		{
>  			message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
>  		}

I think it should read as follows:

             if ( $user_id != ANONYMOUS ) {
		if ( !$db->sql_query($sql) {
                   message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
		}
             }

I'm not great PHP programmer, though, so please correct me if I'm wrong.
Cheers! :-)

-- 
#include <best/regards.h>

BlueRaven

Did you know that if you play a Windows 2000 CD backwards, you will hear
the voice of Satan? That's nothing!
If you play it forward, it'll install Windows 2000.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ