[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200604050523.k355NOEn008894@cairo.mitre.org>
Date: Wed, 5 Apr 2006 01:23:24 -0400 (EDT)
From: "Steven M. Christey" <coley@...re.org>
To: botan@...uxmail.org
Cc: bugtraq@...urityfocus.com
Subject: Re: FleXiBle Development Script Remote Command Exucetion And XSS Attacking
Hello botan,
I have some questions about this report.
>Web: http://www.ahbruinsma.nl
This web site requires a login. Even the front page is not
accessible.
>FleXiBle Development (FXB)
Is this a product, service, or a single web site? There is very
little information in Google.
>//Defining some functions and including them
>require('php/messages.php');
>//require base-file
>//require_once('php/base.php');
>include_once "baseconfig.inc.php";
These require/include statements do not use any variables, so the
paths cannot be controlled by a remote attacker.
>http://www.site.com/[path]/evilcode.txt?&cmd=uname -a
How does this "evilcode.txt" get into FXB? Do you upload it? Or do
you use directory traversal like ".." or "/abs/path"? Or do you do a
remote file inclusion?
Finally, your subject line says there is XSS, but your report does not
say anything about XSS. Is there also an XSS problem here?
Thank you,
Steve
Powered by blists - more mailing lists