Full Disclosure mailing list archives

Re: Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability (Stefan Esser)

From: Stefan Esser <sesser () php net>
Date: Sun, 23 Oct 2005 21:20:42 +0200

Hello Maksymilian Arciemowicz,

It is low local file inclusion. No critical. Standart have you
$cfg['ThemePath'].


I suggest, that you actually read advisories before commenting on them.
It is possible to empty $cfg['ThemePath'] from the outside, that is the
whole clue about the exploit.
And this has nothing todo with your original advisory. Beside the fact,
that for the bug you speak about, that indeed still exists, you
additionally need register_globals turned to on.

Stefan Esser

-- 
--------------------------------------------------------------------------
 Stefan Esser                                               sesser () php net
 Hardened-PHP Project                         http://www.hardened-php.net/

 GPG-Key                gpg --keyserver pgp.mit.edu --recv-key 0x15ABDA78
 Key fingerprint       7806 58C8 CFA8 CE4A 1C2C  57DD 4AE1 795E 15AB DA78
--------------------------------------------------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability (Stefan Esser) Maksymilian Arciemowicz (Oct 23)
- Re: Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability (Stefan Esser) Stefan Esser (Oct 23)