lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20070522090607.30570.qmail@securityfocus.com>
Date: 22 May 2007 09:06:07 -0000
From: tchouamou@...il.com
To: bugtraq@...urityfocus.com
Subject: Remedy  for: Remot File Include In phpexplorator_2_0

Best Remedy:
 Configure a web server authentification for using file phpexplorator.php.
Good Remedy: 
   Use phpexplorator.class.php and personalise it like your want see (http://sourceforge.net/forum/forum.php?thread_id=1664845&forum_id=637317)

Another remedy:
Permute line 4902 with line 4903 like this:
 /*4902*/         $this->language = $this->load_lang($this->config);
 /*4903*/         if ($this->login()) {
 //               


to


/*4902*/         if ($this->login()) {
 /*4903*/         $this->language = $this->load_lang($this->config);

Next Remedy:
Download update from (http://sourceforge.net/project/showfiles.php?group_id=183073)



Thanks



By Tchouamou Eric Herve (http://sourceforge.net/users/tchouamoueric/)
Author of: PhpExplorator
From: Cameroon

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ