[VIM] Deja Vu: phpMyNewsletter <= 0.6.12 (l) Remote File Include Exploit
str0ke at milw0rm.com
Wed Apr 4 14:30:24 UTC 2007
Appreciate the info, changing the author and the script to reflect who
the original finder was.
On 4/4/07, George A. Theall <theall at tenablesecurity.com> wrote:
> Hey str0ke, this (milw0rm 3658) looks like a repeat of an issue reported
> back in 2002 and covered by CVE-2002-1887 / Bugtraq ID 5886:
> The first original message was for version 0.6.10. The second is for
> 0.6.11, which contains a brain-damaged attempt to fix the issue.
> Also note that the vendor link in milw0rm 3658 is actually for the
> 0.6.10 code even though bd0rk talks about 0.6.12 in the advisory.
> theall at tenablesecurity.com
More information about the VIM