>Under some circumstances this may lead to other >consequences. For example I
>was able
>to code local root exploit using some very common >suid binary, althou...
What do you think of publishing the code? Other researchers could learn
something from it. Myself included.
In my eyes this is definitely a security issue. But I cannot imagine a way to
exploit this issue at the moment. First you have to find a suid binary which
fork()'s. Next thing is that you need access to that binary. And then? If both
conditions are really met, what's next? The possibilities are
funny advisory.. ;)
Here is our fix:
-
if ($_GET['page'] < "0")
{
$this->page = 1;
}
-
Add this near line 480 in function getPostIds()
And by the way this isn't critical, because intval is used before, not because