oss-sec mailing list archives
Re: Re: DesktopOnNet 3 Beta LFI
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 27 Feb 2012 13:46:59 -0700
On 02/27/2012 07:10 AM, Whitney Houston wrote:
I forget to say, I want CVE number. give it to me. On Mon, Feb 27, 2012 at 2:10 PM, Whitney Houston <i4m4l1v3b17ch3z () gmail com>wrote:Hello list I want to report serious scary issue, I find this vulnerability that make me fall off chair and giggle like silly slut. Project: http://sourceforge.net/projects/don3/ <?php require('system/switches.php'); if (file_exists('applications/'.$_GET["app"].'.don3app/'.$_GET["app"].'.php')){ $appfile = $_GET["app"]; $app_path = "applications/".$appfile.".don3app/"; } else { $appfile = "frontpage"; $app_path = "applications/frontpage.don3app/"; } if (file_exists("library/$appfile.don3lib")){ $topper_array = don3_read_don3lib($appfile.".don3lib"); $title = $topper_array[0]; } else { $title = "ERROR T1"; } $topper_includer = 'applications/'.$appfile.'.don3app/'.$appfile.'.php'; .... include ($topper_includer); Obviously I keep this bug super secret for many month but now i release for all, after my recent death. xx
Can you please state which version(s) are vulnerable and which specific files are vulnerable? Thanks. -- Kurt Seifried Red Hat Security Response Team (SRT)
Current thread:
- DesktopOnNet 3 Beta LFI Whitney Houston (Feb 27)
- Re: DesktopOnNet 3 Beta LFI Whitney Houston (Feb 27)
- Re: Re: DesktopOnNet 3 Beta LFI Kurt Seifried (Feb 27)
- Re: DesktopOnNet 3 Beta LFI Whitney Houston (Feb 27)