[21305] in bugtraq
Re: phpMyAdmin 2.1.0 + world readable (apache) log files enable remote user to run
daemon@ATHENA.MIT.EDU (Shaun Clowes)
Mon Jul 2 16:04:21 2001
Message-ID: <007601c102e0$0c6ca0a0$1400a8c0@copperfield>
From: "Shaun Clowes" <shaun@securereality.com.au>
To: <bugtraq@securityfocus.com>
Date: Mon, 2 Jul 2001 20:16:24 +1000
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
> arbitrary PHP Codes as apache user.
> From: <sl4sh@ifrance.com>
> MIME-Version: 1.0
> Content-Type: text/plain; charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> Date: Sun, 1 Jul 2001 23:43:17 GMT
> Message-id: <200107012343.115e@lh00.opsion.fr>
>
> Note : sorry for my pity english.
Just to be clear this vulnerability is the one we reported in pre advisory
form in April (http://www.securereality.com.au/srpre00001.html) and
presented in detail at the Black Hat Briefings in Asia. All users that
applied our patch are not vulnerable to this problem. We'll be releasing a
detailed advisory describing this hole and a paper on exploiting PHP scripts
very soon.
Thanks,
Shaun
SecureReality Pty Ltd
