mailing list archives
Re: The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit
From: "Steven M. Christey" <coley () mitre org>
Date: Tue, 10 Oct 2006 19:30:15 -0400 (EDT)
index.php seems patched to me.
The following code was in 2.15, which also suggests that the issue
might not exist, at least for index.php:
$isearch_path = '.';
However, there are other uses of $isearch_path later on in the code
So, we might want to look into inc/core.inc.php and other include
files for evidence of dynamic variable evaluation or other
functionality that could overwrite $isearch_path for the later
Unfortunately, core.inc.php is encoded with the statement "This file
is protected by copyright law and provided under license. Reverse
engineering of this file is strictly prohibited."
At this point, the original report is not provably erroneous without
doing the base64-decode of the protected file and peeking in. But
since this post is about technical accuracy and not legal matters,
I'll stop there.
- Re: The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit Steven M. Christey (Oct 11)