Home page logo

bugtraq logo Bugtraq mailing list archives

Re: (SRADV00001) Arbitrary file disclosure through PHP file upload
From: Brian Smith <avalon73 () ARTHURIAN NU>
Date: Mon, 4 Sep 2000 13:54:55 -0400

A couple things I see with this:

1) Wouldn't the same problem also exist if you turned register_globals off
   and used the HTTP request value arrays?

2) It's not always a problem... it all depends on what you do with the
   uploaded file.  I recently did a file upload form that merely emails
   the file as an attachment to a fixed address (for manual processing
   later)... nobody trying to exploit the script in the way that you're
   suggesting can get anything out of the script that way.

Brian Smith  //  avalon73 () earthling net  //  http://www.arthurian.nu/
Software Developer  //  Gamer  //  Webmaster  //  System Administrator
Echelon Teasers: NSA CIA FBI Mossad MI5 Cocaine Cuba Revolution Espionage

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]