Subject: Re: (SRADV00001) Arbitrary file disclosure through PHP file upload
From: Brian Smith (avalon73@ARTHURIAN.NU)
Date: Mon Sep 04 2000 - 12:54:55 CDT
- Next message: Georgi Guninski: "IE 5.5 Cross Frame security vulnerability - Web Browser Control's Navigate method"
- Previous message: Juliano Rizzo: "Re: Neotrace v2.12a Buffer Overflow [?]"
- In reply to: Secure Reality Advisories: "(SRADV00001) Arbitrary file disclosure through PHP file upload"
- Reply: Brian Smith: "Re: (SRADV00001) Arbitrary file disclosure through PHP file upload"
A couple things I see with this:
1) Wouldn't the same problem also exist if you turned register_globals off
and used the HTTP request value arrays?
2) It's not always a problem... it all depends on what you do with the
uploaded file. I recently did a file upload form that merely emails
the file as an attachment to a fixed address (for manual processing
later)... nobody trying to exploit the script in the way that you're
suggesting can get anything out of the script that way.
----------------------------------------------------------------------
Brian Smith // avalon73
earthling.net // http://www.arthurian.nu/
Software Developer // Gamer // Webmaster // System Administrator
Echelon Teasers: NSA CIA FBI Mossad MI5 Cocaine Cuba Revolution Espionage
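For the first point raised above, the answer hinges on which request array the script reads: the plain POST variables carry whatever string the client sent, so a filename taken from them is no safer than a register_globals variable, while the per-request upload array describes only files PHP itself received and stored. The handler below is an added example written for this thread, not code from the advisory or from Brian Smith; it assumes a form field named `userfile`, a destination directory `/var/www/uploads`, and PHP 7 or later. It uses `is_uploaded_file()` and `move_uploaded_file()`, which PHP added after this advisory precisely to close the "copy whatever path the request named" pattern the advisory describes.

```php
<?php
// Added example for the SRADV00001 thread, not code from the advisory or the reply.
// Assumed values: form field "userfile", destination /var/www/uploads, PHP >= 7.
declare(strict_types=1);

const UPLOAD_DIR = '/var/www/uploads'; // assumed: kept outside the document root
const MAX_BYTES  = 1024 * 1024;        // assumed size limit for this handler

/**
 * Saves the file uploaded in $field and returns the stored path, or throws.
 *
 * Only the entry in the upload array ($_FILES) is consulted. A plain POST or
 * GET field with the same name is ignored, which is the difference between
 * "register_globals off" and actually being safe: reading the name from
 * $_POST would reintroduce the advisory's problem.
 */
function save_upload(array $files, string $field): string
{
    if (!isset($files[$field]) || !is_array($files[$field])) {
        throw new RuntimeException("no upload field '$field' in request");
    }
    $f = $files[$field];

    // PHP reports upload problems per file; anything but UPLOAD_ERR_OK is a failure.
    if (($f['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed, error code ' . (string) ($f['error'] ?? 'unknown'));
    }
    if (($f['size'] ?? 0) > MAX_BYTES) {
        throw new RuntimeException('file exceeds size limit');
    }

    // The decisive check: tmp_name must be a file PHP created for this
    // request's upload. Any other path, however it got into the request,
    // is rejected here regardless of register_globals.
    if (!is_uploaded_file($f['tmp_name'])) {
        throw new RuntimeException('tmp_name is not an uploaded file');
    }

    // Never reuse the client-supplied filename; generate a name server-side.
    $dest = UPLOAD_DIR . '/' . bin2hex(random_bytes(16)) . '.bin';

    // move_uploaded_file() repeats the is_uploaded_file() check internally
    // and refuses to move anything that was not uploaded via HTTP POST.
    if (!move_uploaded_file($f['tmp_name'], $dest)) {
        throw new RuntimeException('could not move uploaded file');
    }
    return $dest;
}

// Usage inside the request handler for the upload form:
try {
    $stored = save_upload($_FILES, 'userfile');
    // $stored can now be passed on, e.g. attached to an e-mail for manual
    // processing, as the reply above describes.
} catch (RuntimeException $e) {
    http_response_code(400);
    echo 'Upload rejected.';
}
```

The second point in the reply also holds under this design: what the script does with the file afterwards (mailing it to a fixed address, storing it, serving it back) decides what an attacker could learn, but with `is_uploaded_file()` in front of every read, the script never opens a path the client chose in the first place.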