[20030] in bugtraq
Re: Php-nuke exploit...
daemon@ATHENA.MIT.EDU (Cedric)
Wed Apr 4 22:01:49 2001
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <503516133.20010404120915@cedric.net>
Date: Wed, 4 Apr 2001 12:09:15 +0200
Reply-To: Cedric <mailing-lists@cedric.net>
From: Cedric <mailing-lists@cedric.net>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.21.0104021524430.21403-100000@krusty.linuxcolombia.com.co>
Hello Juan,
JD> This went public today... there are a bug in the banner section of
JD> php-nuke (http://www.phpnuke.org) which is web engine...
JD> the problem is you can change the url banners form anywhere, to anywhere
A fix is available (since 8/03/2001)
http://phpnuke.org/download.php?dcategory=Fixes
