[VIM] REMOTE FILE INCLUSION ( ALL )
George A. Theall
theall at tenablesecurity.com
Wed Jun 14 07:29:21 EDT 2006
Steven M. Christey wrote:
> I just sent the following to Bugtraq. Does anybody know of a provably
> correct disclosure from SpC-x? I've only recently noticed the name.
I don't know the answer off-hand, but I did actually set up boastMachine
3.1 and wheatblog 1.0 and tried the exploits listed in the advisories.
Neither worked for me (PHP 4.4.0 with register_globals on and
magic_quotes_gpc off).
Perhaps s/he's just basing the advisories off a not-very-deep visual
inspection. Or perhaps n3td3v has tired of playing with full-disclosure
and taken on a new set of targets along with a new alias for his fun.
George
--
theall at tenablesecurity.com
More information about the VIM
mailing list