Message-ID: <20061114144856.28607.qmail@securityfocus.com>
Date: 14 Nov 2006 14:48:56 -0000
From: navairum@...il.com
To: bugtraq@...urityfocus.com
Subject: Re: New Bug MiniBB Forum <= 2 Remote File Include (index.php)

This is bogus; about 5-10 lines above, it includes a file which declares $pathToFiles.

include ('./setup_options.php');


if(!isset($startIndex)) $startIndex=$indexphp;
if(!isset($manualIndex)) $manualIndex=$indexphp.'action=manual';

$langOrig=$lang;

$indexphp=(!isset($GLOBALS['indexphp'])?'index.php':$GLOBALS['indexphp']);
if(!isset($manualIndex)) $manualIndex=$indexphp.'action=manual';
if(isset($mod_rewrite) and $mod_rewrite) $queryStr=str_replace(array('%3D0%26mdrw%3Don', '&amp;mdrw=on'), '', $queryStr);

if($useSessions) { 
$sessname=ini_get('session.name');
if($sessname=='') $sessname='PHPSESSID';
session_start();
if(!isset($$sessname)) { $indexphp.=SID.'&'; $bb_admin.=SID.'&'; } else { $indexphp.="{$sessname}=".$$sessname.'&'; $bb_admin.="{$sessname}=".$$sessname.'&'; }
}

include ($pathToFiles.'setup_'.$DB.'.php');
include ($pathToFiles.'bb_cookie.php');
include ($pathToFiles.'bb_functions.php');
include ($pathToFiles.'bb_specials.php');
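
The check made in the message above (is the variable in the include path already set by an earlier include?) can be scripted as a first-pass triage of remote-file-include reports. This is an added example, not part of the original message or of MiniBB; the function name, the status labels and the second sample are assumptions made for illustration.

```python
import re

# Heuristic, line-based triage of PHP include() calls (not a real PHP parser).
INCLUDE_RE = re.compile(
    r'(?<![$\w])(?:include|require)(?:_once)?\b\s*\(?\s*(.+?)\s*\)?\s*;')
ASSIGN_RE = re.compile(r'\$(\w+)\s*\.?=(?![=>])')    # `$x=` / `$x.=`, not `==`
VAR_RE = re.compile(r'\$(\w+)')
LITERAL_RE = re.compile(r'''^(['"])([^'"$]+)\1$''')  # constant path only

def triage_includes(source):
    """Return (line, variable, status) for each variable used in an include path."""
    findings, assigned, literal_includes = [], set(), []
    for lineno, line in enumerate(source.splitlines(), 1):
        m = INCLUDE_RE.search(line)
        if m:
            expr = m.group(1)
            lit = LITERAL_RE.match(expr)
            if lit:
                literal_includes.append(lit.group(2))
            for var in VAR_RE.findall(expr):
                if var in assigned:
                    status = "assigned-in-file"
                elif literal_includes:
                    # An earlier fixed-path include may define it: read that file.
                    status = "check-included-file"
                else:
                    status = "unset-before-use"
                findings.append((lineno, var, status))
        assigned.update(ASSIGN_RE.findall(line))
    return findings

# Lines taken from the excerpt quoted in the message.
FROM_POST = """include ('./setup_options.php');
if(!isset($startIndex)) $startIndex=$indexphp;
include ($pathToFiles.'setup_'.$DB.'.php');
include ($pathToFiles.'bb_cookie.php');"""

# Constructed counter-case: same include with nothing defining the variable first.
CONSTRUCTED = "include ($pathToFiles.'bb_cookie.php');"

if __name__ == "__main__":
    for sample in (FROM_POST, CONSTRUCTED):
        for finding in triage_includes(sample):
            print(finding)
```

A "check-included-file" result is not a verdict: it means the included file has to be read to confirm that it assigns the variable unconditionally, which is the step the message reports doing by hand.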

