lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 Aug 2007 16:15:25 +0430 From: "imei Addmimistrator" <addmimistrator@...il.com> To: bugtraq@...urityfocus.com Subject: Olate Download 3.4.1~environment.php.php~Code Execution VISITE ORIGINAL ADVISORY FOR MORE DETAILES http://myimei.com/security/2007-08-17/olate-download-341-environmentphpphp-code-execution.html VISITE ORIGINAL ADVISORY FOR MORE DETAILES ——————-Summary—————- Software: Olate Download Sowtware's Web Site: http://www.olate.co.uk/ Versions: 3.4.1 Class: Remote Status: Unpatched Exploit: Available Solution: Available Discovered by: imei Addmimistrator Risk Level: High —————–Description————— Olate is prone to code execution vulnerability cause of trusting to user supplied inputs in environment.php file, that is a very unusable file in software. VISITE ORIGINAL ADVISORY FOR MORE DETAILES http://myimei.com/security/2007-08-17/olate-download-341-environmentphpphp-code-execution.html VISITE ORIGINAL ADVISORY FOR MORE DETAILES -- imei Addmimistrator Visit my SeQrity Homepage at: http://myimei.com/security