DotClear layout/prepend.php log_dc_path Variable Remote File Inclusion

2006-06-03T09:20:07
ID OSVDB:25977
Type osvdb
Reporter OSVDB
Modified 2006-06-03T09:20:07

Description

Technical Description

This vulnerability is only present when the 'register_globals' PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002). Additionally, the 'allow_url_fopen' PHP option must be set to 'on'.

References:

Vendor URL: http://www.dotclear.net/
Secunia Advisory ID: 20437
Other Advisory URL: http://retrogod.altervista.org/dotclear_124_php5_xpl.html
Mail List Post: http://seclists.org/lists/bugtraq/2006/Jun/0058.html
FrSIRT Advisory: ADV-2006-2137
CVE-2006-2866
Bugtraq ID: 18259