Re: SPIP v1.7 Remote File Inclusion Bug
On Thursday 23 August 2007 12:04, system-errrror@hotmail.com wrote:
> ++ Bug in : "SPIP-v1-7r/inc-calcul.php3"
> ++-------------------------------------------------------------------------
> ++ Vlu Code: -----------------------------
> ++ || include($squelette_cache); ||
> ++ -----------------------------
Errr, that line is inside a function *and* the variable is even properly
initialized. There's no way the mentioned exploit can work.
Furthermore, version 1.7 is over three years old. The most current version is
1.9.2.
-- 
Magnus Holmgren holmgren@lysator.liu.se
(No Cc of list mail needed, thanks)
"Exim is better at being younger, whereas sendmail is better for
Scrabble (50 point bonus for clearing your rack)" -- Dave Evans
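
The scoping argument in the reply above, as an added example that is not part of the original message and is not SPIP code. It assumes the reported inclusion depends on a request parameter becoming a PHP variable (the old register_globals behaviour, emulated here because the setting no longer exists); the function names and the cache path derivation are hypothetical, and the functions return the path instead of calling include().

```php
<?php
// Constructed demo, not SPIP source.
// register_globals was removed in PHP 5.4, so its effect is emulated here:
// every request parameter is copied into a global-scope variable.
function emulate_register_globals(array $request): void
{
    foreach ($request as $name => $value) {
        $GLOBALS[$name] = $value;
    }
}

// Pattern the reply describes: the variable lives in function scope and is
// assigned before use, so a same-named global can never supply its value.
function path_local_initialized(string $page): string
{
    // Hypothetical derivation of the cache file name.
    $squelette_cache = 'cache/' . basename($page) . '.php';
    return $squelette_cache; // value that would be passed to include()
}

// Contrasting pattern: the function pulls in a global that the application
// itself never assigns, so whatever populated global scope decides the path.
function path_global_uninitialized(): ?string
{
    global $squelette_cache;
    return $squelette_cache; // value that would be passed to include()
}

// Constructed request data standing in for a query string parameter.
$request = ['squelette_cache' => 'REQUEST-SUPPLIED-VALUE'];
emulate_register_globals($request);

$checks = [
    'local + initialized'    => path_local_initialized('article'),
    'global + uninitialized' => path_global_uninitialized(),
];

foreach ($checks as $label => $path) {
    // A path equal to the request value means the request controls include().
    $tainted = ($path === $request['squelette_cache']);
    printf("%-24s path=%s request-controlled=%s\n",
        $label, var_export($path, true), $tainted ? 'yes' : 'no');
}
```

When triaging a report like this one, the check is whether the variable passed to include() is assigned inside the same function on every code path before the call.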