[VIM] false: Agermenu 0.03

str0ke str0ke at milw0rm.com
Wed Feb 7 20:53:19 EST 2007


local inclusion looks good to go.

  if (file_exists($agermenufuncfile)) {
    include $agermenufuncfile;

/str0ke

On 2/7/07, Steven M. Christey <coley at linus.mitre.org> wrote:
>
> FRSIRT:ADV-2007-0512 mentions 0.03 as vulnerable to rootdir in
> examples/inc/top.inc.php.  This vector was published for 0.01 in
> http://www.milw0rm.com/exploits/3280, a different disclosure than what
> str0ke just mentioned.
>
> This looks legit for 0.03 too:
>
> examples/inc/top.inc.php
>
>   [first mention]
>   $sysvar_copyright_url=$rootdir."about/licenses/";
>
>   ...
>
>     if (file_exists($rootdir."inc/agermenu.func.php")) {
>     $agermenufuncfile=$rootdir."inc/agermenu.func.php";
>   }
>
>   # The new default place (from version 0.03) for
>   # the agermenu.func.php file
>   if (file_exists($rootdir."agermenu/agermenu.func.php")) {
>     $agermenufuncfile=$rootdir."agermenu/agermenu.func.php";
>   }
>
>   # Only include if the agermenu.func.php file exists
>   if (file_exists($agermenufuncfile)) {
>     include $agermenufuncfile;
>
>
> - Steve
>
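A hardened form of the include logic quoted above, as an added example that is not part of the original thread and is not Agermenu's own code. It assumes the root directory can be fixed from the file's own location (the directory layout, the constant AGERMENU_ROOT and the helper resolve_func_file() are hypothetical) instead of being read from $rootdir, whose first mention in the quoted file is already a use.

```php
<?php
// Added example (not Agermenu code). AGERMENU_ROOT and resolve_func_file()
// are hypothetical names introduced for illustration.

// Derive the root from this file's location instead of from a variable
// that a request could supply. Assumed layout: this file sits two
// directory levels below the root (as examples/inc/top.inc.php would).
define('AGERMENU_ROOT', realpath(__DIR__ . '/../..'));

/**
 * Return the canonical path of agermenu.func.php, or null when neither
 * known location holds it inside the root directory.
 */
function resolve_func_file(string $root): ?string
{
    // The same two locations as the quoted code. The newer (0.03) place is
    // tried first, which matches the original's "last match wins" order.
    $candidates = [
        'agermenu/agermenu.func.php',
        'inc/agermenu.func.php',
    ];
    foreach ($candidates as $relative) {
        // realpath() collapses "../" and symlinks and returns false for a
        // missing file, so it also covers the original file_exists() test.
        $path = realpath($root . DIRECTORY_SEPARATOR . $relative);
        if ($path === false) {
            continue;
        }
        // Containment check: the resolved file must still be under the root.
        $prefix = $root . DIRECTORY_SEPARATOR;
        if (strncmp($path, $prefix, strlen($prefix)) === 0) {
            return $path;
        }
    }
    return null;
}

// Only include when the root resolved and a contained file was found.
$agermenufuncfile = AGERMENU_ROOT === false ? null : resolve_func_file(AGERMENU_ROOT);
if ($agermenufuncfile !== null) {
    include $agermenufuncfile;
}
```

The quoted file_exists() guard only confirms that the target exists; it says nothing about where the path came from, which is why the check here is on containment under a fixed root.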

