[VIM] Ptag <= 4.0.0 Multiple RFI Exploit

George A. Theall theall at tenablesecurity.com
Tue Dec 22 19:45:49 UTC 2009

Exploit-DB #10562 also looks bogus to me.

One of the PoCs is:


cr4wl3r helpfully includes a snippet of the affected code:

   //Plottable Tagboard Systems Version 4.0.0 - ROLAND
   //Session handling File


Note that 'ptag_dir' isn't a variable in the PHP code, but a define so  
it's not under a remote attacker's control.

I wondered if there was simply a typo in the advisory, but alas, no,  
as you can see from:


theall at tenablesecurity.com

More information about the VIM mailing list