Re: [Full-disclosure] Bug with .php extension?

2005-12-06 Thread z3n
Great Bug indeed! But don't you think this issue is kind of similar to issue 3 in this (old) advisory: http://archives.neohapsis.com/archives/bugtraq/2003-01/0203.html Regards, Peter zenster ___ Full-Disclosure - We believe in it. Charter:

Re: [Full-disclosure] Bug with .php extension?

2005-12-06 Thread Christopher Kunz
z3n wrote:
> Great Bug indeed! But don't you think this issue is kind of similar to issue 3 in this (old) advisory: http://archives.neohapsis.com/archives/bugtraq/2003-01/0203.html

Well, actually, I think this is some kind of feature and is associated with the behavior that is i.e.

Re: [Full-disclosure] Bug with .php extension?

2005-12-06 Thread Graham Reed
Christopher Kunz writes:
> Well, actually, I think this is some kind of feature and is associated with the behavior that is i.e. demonstrated on default installations of Apache (which have several index.html index.html.de .en .jp etc.), only that this time not mod_negotiation, but mod_mime is

Re: [Full-disclosure] Bug with .php extension?

2005-12-06 Thread Matthew Murphy
z3n wrote:
> Great Bug indeed! But don't you think this issue is kind of similar to issue 3 in this (old) advisory: http://archives.neohapsis.com/archives/bugtraq/2003-01/0203.html

Indeed it appears that 2.0.44 did not completely plug the

Re: [Full-disclosure] Bug with .php extension?

2005-12-05 Thread Stanza
I suppose this is a great bug. It also works on Apache 2. If a user can upload a file and its extension isn't associated with a MIME type, the server processes it as a PHP file.

Stanza

On 12/5/05, Chris Umphress [EMAIL PROTECTED] wrote:
> On 12/4/05, Ron [EMAIL PROTECTED] wrote:
> > I'm not sure

Re: [Full-disclosure] Bug with .php extension?

2005-12-05 Thread Simon Richter
Hello,

Ron wrote:
> In Apache 1.3.33 (untested on any other version), if you have a file called file.php.bak, and you navigate to it in the browser, it will run on the server as a .php file. This works with any extension that isn't known to the server (.rar, .bak, .test, .java, .cpp, .c,

Re: [Full-disclosure] Bug with .php extension?

2005-12-05 Thread Michael Ligh
I think this is due to Apache's mod_mime_magic: http://httpd.apache.org/docs/1.3/mod/mod_mime_magic.html

Lots of phishers are using files named *.php.rar recently.

On 12/5/05, Simon Richter [EMAIL PROTECTED] wrote:
> Hello,
> Ron wrote:
> > In Apache 1.3.33 (untested on any other version), if you have a

RE: [Full-disclosure] Bug with .php extension?

2005-12-05 Thread Krpata, Tyler
> I suppose this is a great bug. It also works on Apache 2. If a user can upload a file and its extension isn't associated with a MIME type, the server processes it as a PHP file.
>
> Stanza
>
> On 12/5/05, Chris Umphress [EMAIL

Re: [Full-disclosure] Bug with .php extension?

2005-12-05 Thread John Bond
http://localhost:8080/error%2e%70%68%70.log also works ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Bug with .php extension?

2005-12-05 Thread John Bond
recognized extensions (txt, gif, html) are *not* interpreted as php on my machine, just as text.

Apache/2.0.54 (Win32) PHP/5.0.4

On 05/12/05, John Bond [EMAIL PROTECTED] wrote:
> http://localhost:8080/error%2e%70%68%70.log also works

[Full-disclosure] Bug with .php extension?

2005-12-04 Thread Ron
I'm not sure whether this is something that's well known, but I've never seen anything about it, and I nearly got burned by it, so I figured I'd post it here. In Apache 1.3.33 (untested on any other version), if you have a file called file.php.bak, and you navigate to it in the browser, it

Re: [Full-disclosure] Bug with .php extension?

2005-12-04 Thread Chris Umphress
On 12/4/05, Ron [EMAIL PROTECTED] wrote:
> I'm not sure whether this is something that's well known, but I've never seen anything about it, and I nearly got burned by it, so I figured I'd post it here. In Apache 1.3.33 (untested on any other version), if you have a file called file.php.bak,