artmedic_links5 PHP Script (include path) vuln

From: Adam n30n Simuntis (n30n_at_satfilm.net.pl)
Date: 06/25/04

  • Next message: Khan Shirani: "multiple remote & local buffer overflows discovered in Drcatd" 
    Date: 25 Jun 2004 16:51:25 -0000
To: bugtraq@securityfocus.com
    ('binary' encoding is not supported, stored as-is)

    There's a possilbity of looking at files (with apache priviliges) using artmedic_links5 (php script).
    (http://www.artmedic-phpscripts.de/artmedic_links.php).

    Vulnerability (include path) is in index.php, standard use:

    hostname/artmedic_links5/index.php?id=[file] or index.php?id=[url]

    I noticed there's a lot of .de boxes comming around with artmedic_links5 thingie.

    Regards.
    Adam "n30n" Simuntis
    n30n@satfilm.net.pl

  • Next message: Khan Shirani: "multiple remote & local buffer overflows discovered in Drcatd"

    Relevant Pages

    • [NEWS] %u Encoding IDS Bypass Vulnerability (UTF)
      ... %u Encoding IDS Bypass Vulnerability (UTF) ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... A security vulnerability has been found in the way many Intrusion ...
      (Securiteam)
    • %u encoding IDS bypass vulnerability
      ... %u encoding IDS bypass vulnerability ... Cisco Secure Intrusion Detection System, formerly known as NetRanger, Sensor ...
      (NT-Bugtraq)
    • %u encoding IDS bypass vulnerability
      ... %u encoding IDS bypass vulnerability ... Cisco Secure Intrusion Detection System, formerly known as NetRanger, Sensor ...
      (Focus-IDS)
    • %u encoding IDS bypass vulnerability
      ... %u encoding IDS bypass vulnerability ... Cisco Secure Intrusion Detection System, formerly known as NetRanger, Sensor ...
      (Bugtraq)
    • %u encoding IDS bypass vulnerability
      ... %u encoding IDS bypass vulnerability ... Cisco Secure Intrusion Detection System, formerly known as NetRanger, Sensor ...
      (Focus-Microsoft)