Date: Fri, 01 Jun 2007 23:00:09 +0100
From: Ashley Pinner <neothermic@...bb.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: 0DAY RFI in phpBB <= 2.0.22 HOT

Renzen,

As has already been noted, functions_post.php has this at the top:

if (!defined('IN_PHPBB'))
{
	die('Hacking attempt');
}

Accessing functions_post.php directly does not set this variable, ergo
you will not be able to influence the includes below that line.

This is the case with most of the files in the includes directory; any
file that does not include the above lines does not have any code
outside of just functions and thus you are unable to influence the
variables as they would be out of scope.

If you feel that you have found a vulnerability, I would encourage you
to use our Security tracker to make a report, which can be found here:
http://www.phpbb.com/security/

Thank you,

NeoThermic
Support Team member, Incident Investigation Team leader, Audit Team member.
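The IN_PHPBB guard described above, as an added example that is not part of the original post or of phpBB's own code: a constructed stand-in for functions_post.php is written to a temporary directory, executed on its own (as a direct request for the file would), and then included from an entry point that defines the constant first.

```php
<?php
// Added example, not from the original post or phpBB. The helper file
// below is a constructed stand-in for includes/functions_post.php.
$dir = sys_get_temp_dir() . '/inphpbb_demo_' . getmypid();
mkdir($dir);
$helper = $dir . '/functions_post.php';

// Same guard as at the top of the real file: nothing below it executes
// unless the script that includes this file has already defined IN_PHPBB.
file_put_contents($helper, <<<'PHP'
<?php
if (!defined('IN_PHPBB'))
{
    die('Hacking attempt');
}
// Only reachable through a legitimate entry point; a direct request for
// this file never gets here, so nothing below can be influenced.
function post_helper_loaded()
{
    $local = 'loaded via ' . basename(__FILE__); // function-local, out of scope for callers
    return $local;
}
PHP
);

// 1. Direct access: run the helper by itself. The guard fires first and
//    the rest of the file, including any function bodies, never runs.
$direct = shell_exec(PHP_BINARY . ' ' . escapeshellarg($helper));
echo "direct access  : " . trim($direct) . "\n";

// 2. Legitimate entry point: define IN_PHPBB, then include the helper.
define('IN_PHPBB', true);
include $helper;
echo "via entry point: " . post_helper_loaded() . "\n";

unlink($helper);
rmdir($dir);
```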
