List: oss-security
Subject: Re: [oss-security] Re: DesktopOnNet 3 Beta LFI
From: Kurt Seifried <kseifried () redhat ! com>
Date: 2012-02-27 20:46:59
Message-ID: 4F4BEBC3.8030307 () redhat ! com
On 02/27/2012 07:10 AM, Whitney Houston wrote:
> I forgot to say, I want a CVE number. Give it to me.
>
> On Mon, Feb 27, 2012 at 2:10 PM, Whitney Houston
> <i4m4l1v3b17ch3z@gmail.com> wrote:
>
>> Hello list
>>
>> I want to report a serious scary issue. I found this vulnerability that made
>> me fall off my chair and giggle like a silly slut.
>>
>> Project: http://sourceforge.net/projects/don3/
>>
>> <?php
>> require('system/switches.php');
>>
>> if (file_exists('applications/'.$_GET["app"].'.don3app/'.$_GET["app"].'.php')){
>> $appfile = $_GET["app"];
>> $app_path = "applications/".$appfile.".don3app/";
>> } else {
>> $appfile = "frontpage";
>> $app_path = "applications/frontpage.don3app/";
>> }
>>
>> if (file_exists("library/$appfile.don3lib")){
>> $topper_array = don3_read_don3lib($appfile.".don3lib");
>> $title = $topper_array[0];
>> } else {
>> $title = "ERROR T1";
>> }
>>
>>
>> $topper_includer = 'applications/'.$appfile.'.don3app/'.$appfile.'.php';
>>
>> ....
>>
>> include ($topper_includer);
>>
>>
>> Obviously I kept this bug super secret for many months but now I release it
>> for all, after my recent death.
>>
>> xx
>>
Can you please state which version(s) are vulnerable and which specific
files are vulnerable? Thanks.
--
Kurt Seifried Red Hat Security Response Team (SRT)
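
In the quoted snippet, `$_GET["app"]` is concatenated into the path handed to `include` with no validation beyond `file_exists()`. The following is an added example of a hardened resolver for that parameter; it is not part of the original thread and not DesktopOnNet code. The `applications/<name>.don3app/<name>.php` layout comes from the quoted snippet, while the function name `resolve_app_file`, the 64-character limit and the error handling are assumptions.

```php
<?php
// Added example, not DesktopOnNet code. The directory layout is taken from
// the quoted snippet; resolve_app_file() and its limits are hypothetical.
declare(strict_types=1);

/**
 * Map request input to an application file that is safe to include.
 * Returns the absolute path, or null when the name is rejected.
 */
function resolve_app_file(string $baseDir, $requested): ?string
{
    // Reject arrays (?app[]=x) and anything that is not a plain identifier:
    // no dots, slashes, backslashes, NUL bytes or stream-wrapper syntax.
    if (!is_string($requested)
        || !preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $requested)) {
        return null;
    }

    $appsRoot = realpath($baseDir . '/applications');
    if ($appsRoot === false) {
        return null;
    }

    // realpath() resolves symlinks and ".." segments; the resolved path
    // must still sit underneath applications/ and be a regular file.
    $candidate = realpath("$appsRoot/$requested.don3app/$requested.php");
    $prefix = $appsRoot . DIRECTORY_SEPARATOR;
    if ($candidate === false
        || strncmp($candidate, $prefix, strlen($prefix)) !== 0
        || !is_file($candidate)) {
        return null;
    }
    return $candidate;
}

// Fall back to the front page, as the quoted code does, when input is rejected.
$appFile = resolve_app_file(__DIR__, $_GET['app'] ?? 'frontpage')
    ?? resolve_app_file(__DIR__, 'frontpage');

if ($appFile === null) {
    http_response_code(500);
    exit('application not found');
}
include $appFile;
```

The same validated name, rather than the raw request value, would also be the one used for the `library/$appfile.don3lib` lookup shown in the quoted code.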