Tõnu Samuel wrote:
> Nice! I was really nervous already as I got bombed with e-mails and I
> really did not know much more than was discovered. Meanwhile I am a bit
> disappointed that for nearly a month we had such a bug in the wild and
> software distributors like SuSE in my case did not publish patches. I
> think long enough time has passed and I hope distributors maybe need to
> see it - I publish the exploit. Sorry, this was discovered independently
> and for me it looks like a very serious problem.
> The script is:
> <?php
> $foobar=html_entity_decode($_GET['foo']);
> echo $foobar;
> ?>

I very much doubt there are many applications at all containing code
like this. It is illogical to be decoding html entities from user input.
Therefore I would not call this a "very serious problem" and certainly
not a critical bug.
Jasper
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
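
Whether a code base contains the pattern discussed in this thread can be checked directly. The following is an added example, not part of the original messages: a line-based heuristic (not a PHP parser) that flags html_entity_decode() calls on request data. The function name and every sample line other than the posted script are constructed.

```python
import re

# PHP superglobals that carry request data.
SUPERGLOBAL = re.compile(r"\$_(?:GET|POST|REQUEST|COOKIE)\b")
# "$name = <expr>;" on a single line; skips "==" and "=>".
ASSIGN = re.compile(r"(\$[A-Za-z_]\w*)\s*=(?![=>])\s*(.+?);")
# Everything after the opening parenthesis of the call. Taking the rest of
# the line over-approximates the argument, so nested calls are still seen.
DECODE = re.compile(r"\bhtml_entity_decode\s*\((.*)", re.IGNORECASE)
VAR = re.compile(r"\$[A-Za-z_]\w*")


def find_entity_decode_on_input(php_source):
    """Return (line_number, line) pairs where html_entity_decode() is called
    on request data or on a variable assigned from request data."""
    tainted = set()  # variables last assigned from request-derived values
    hits = []
    for number, line in enumerate(php_source.splitlines(), start=1):
        call = DECODE.search(line)
        if call:
            arg = call.group(1)
            if SUPERGLOBAL.search(arg) or tainted & set(VAR.findall(arg)):
                hits.append((number, line.strip()))
        assign = ASSIGN.search(line)
        if assign:
            name, expr = assign.groups()
            if SUPERGLOBAL.search(expr) or tainted & set(VAR.findall(expr)):
                tainted.add(name)
            else:
                tainted.discard(name)  # overwritten with a clean value
    return hits


# Lines 2-3 are the script from the thread; the rest is constructed input.
SAMPLE = """<?php
$foobar=html_entity_decode($_GET['foo']);
echo $foobar;
$name = $_POST['name'];
$label = html_entity_decode($name, ENT_QUOTES);
$title = html_entity_decode('&lt;b&gt;static&lt;/b&gt;');
?>"""

if __name__ == "__main__":
    for number, line in find_entity_decode_on_input(SAMPLE):
        print(f"line {number}: {line}")
```

Hits are candidates for manual review; the scan does not follow data through function calls or across files.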