[VIM] Pluck 4.6.2 (langpref) Local File Inclusion Vulnerabilities
Steven M. Christey
coley at linus.mitre.org
Mon May 18 19:52:51 UTC 2009
On Mon, 18 May 2009, str0ke wrote:
> There isn't a data directory in the same folder as the vulnerable
> scripts. So it will error in inclusion on most of the lines except the
> 3rd one if register globals = on.
... which means they fall through and $langpref is set externally, right?
I forgot about that little feature.
My kingdom for a cheat sheet to remind us of all these different PHP
oddities :-) (we've got a limited one for CVE)
While I'm sharing - add show_source and highlight_file to your list of
dangerous LFI functions. These are intended to perform syntax
highlighting of PHP program files, but they let regular files through just
fine. CVE-2009-1653 / MILW0RM:8667 has this. Does anybody know of any
earlier vulnerability report of this function?
- Steve
More information about the VIM
mailing list