Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: phptonuke allows Remote File Retrieving
From: BlueRaven <blueraven () libero it>
Date: Thu, 17 Oct 2002 09:35:52 +0200

On Thu, Oct 17, 2002 at 05:50:10AM +0800, Zero-X ScriptKiddy wrote:
The file "phptonuke.php" from myphpnuke allows Remote File Retrieving.

Exploit Example:
http://website.com/phptonuke.php?filnavn=/etc/passwd

This is not really a specific vulnerability in the application, but a more
general PHP feature: by default, it is possible to open any world readable
file.
You can override this by using openbase_dir setting in php.ini and
restricting file operations to a specified subset of paths.

-- 
BlueRaven

There are only 10 types of people in this world...
those who understand binary, and those who don't.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]