Hi,
There is a security problem in the file_exists() function which allows
unauthorized users to bypass the function.
For example, a user uses this function to check the existence of and
display the source code of his file my_file.php in the /test
directory.
He uses for this a script like
There are various methods for securing file_exists() ...
If you want to secure ... so that's insecure, isn't it?
I didn't say that file_exists() is secure, did I?
I don't think that is a critical problem.
If it's not a problem, why do you show us a method to secure?
I didn't say that it is
There are various methods for securing file_exists() ...
If you want to secure ... so that's insecure, isn't it?
I didn't say that file_exists() is secure, did I?
I don't think that is a critical problem.
If it's not a problem, why do you show us a method to secure?
I didn't say that
There are various methods for securing file_exists() ...
If you want to secure ... so that's insecure, isn't it?
I don't think that is a critical problem.
If it's not a problem, why do you show us a method to secure?
I think many programmers don't know this problem exists!
But there is too much
Nourredine Himeur wrote:
There are various methods for securing file_exists() ...
If you want to secure ... so that's insecure, isn't it?
I don't think that is a critical problem.
If it's not a problem, why do you show us a method to secure?
I think many programmers don't know
Hello,
First of all, I find it funny that you now report this hole
to full-disclosure. We (at [EMAIL PROTECTED]) got the same
mail (with the same examples/text) from a person with a totally
different name a while ago.
---
?
Hi,
Nourredine Himeur [EMAIL PROTECTED] wrote:
In the same directory :
test.php
---
<?
if(file_exists($page)){
echo("Sorry the local page is protected");
}else{
include($page);
}
?>
But all bugs aren't a vulnerability.
I don't think so. For me, all bugs ARE a vulnerability.
You show only my example, but imagine you want to verify if do this:
http://www.security-challenge.com/123456/outils/source.php
Translation:
Lire une source HTML = Read an HTML source
source.php:
Hello,
file_exists() has a bug, yes. It should indicate whether a file exists or
not and you demonstrated that it doesn't in a special case. But all bugs
aren't a vulnerability.
The mistake is in the code you supplied. I'm not the first to say it. You
said that the code is only an example,
Subject: Re: Re: [Full-Disclosure] file_exists() bypassing , critical
problem ?
There are various methods for securing file_exists() ...
If you want to secure ... so that's insecure, isn't it?
I don't think that is a critical problem.
If it's not a problem, why do you show us a method to secure
Nourredine Himeur wrote:
But all bugs aren't a vulnerability.
I don't think so. For me, all bugs ARE a vulnerability.
Your personal opinion doesn't matter, facts do.
Translation:
Lire une source HTML = Read an HTML source
source.php: