lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu, 24 Aug 2006 00:51:34 +0200
From: "Carsten Eilers" <ceilers-lists@....de>
To: <Outlaw@...a-security.net>, <bugtraq@...urityfocus.com>
Subject: Re: Modification For OpenSEF Remote file Inclusion

Hi,

Outlaw@...a-security.net schrieb am Sat, 19 Aug 2006 01:18:24 +0000:

>#Software: OpenSEF
>
>#Attack method: Remote File Inclusion
>
>#Description : OpenSEF is a Joomla component that extends the built-in
>SEF (Search Engine Friendly) 

Is this <http://www.open-sef.org/>?
Which version did you test?
											  
>
>#Proof of Concept:								   	  
>
>#http://www.site.com/sef.php?mosConfig_absolute_path=SHELL

In the actual Version (2.0.0-RC5_SP2) you could see

/** Ensure this file is being included by a parent file */
defined( '_VALID_MOS' ) or die( 'Direct access to this location is not
allowed.' );

at the top of the file, so it's impossible to call it
directly and manipulate any variable.

Regards
  Carsten


-- 
Dipl.-Inform. Carsten Eilers
IT-Sicherheit und Datenschutz

<http://www.ceilers-it.de>

Powered by blists - more mailing lists