Bugs item #3288397, was opened at 2011-04-17 11:46
Message generated for change (Tracker Item Submitted) made by rutsky
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=466456&aid=3288397&group_id=52322
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Private: Yes
Submitted By: Vladimir Rutsky (rutsky)
Assigned to: Nobody/Anonymous (nobody)
Summary: SECURITY: Include vulnerability in web site
Initial Comment:
/htdocs/index.php doesn't sanitize input GET arguments, which can lead to exploitation of an include vulnerability (http://en.wikipedia.org/wiki/Include_vulnerability).
For example going by this link:
http://vim-latex.sourceforge.net/index.php?subject=../../newsexample/htdocs/include-vuln
Will include a script from another project, http://newsexample.sourceforge.net/include-vuln.inc, and run its contents under the vim-latex project "user".
According to the SourceForge web filesystem documentation (https://sourceforge.net/apps/trac/sourceforge/wiki/Project%20Web%20Filesystem%20Permissions), this can lead to overwriting of vim-latex web site files, and a potential hacker can gain control over the vim-latex project web site.
----------------------------------------------------------------------
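One way to close this class of bug in a page dispatcher, shown as an added example that is not part of the original report and not the project's own code. The `pages` directory, the page names and the `resolve_subject()` helper are hypothetical, and the `.inc` suffix is assumed from the URLs in the report.

```php
<?php
// Added example: hardened handling of the "subject" GET argument.
// Assumed shape of the vulnerable pattern (the real index.php source is not
// shown in the report):
//     include $_GET['subject'] . '.inc';
// With that pattern, "../" segments in the value walk out of the site's
// own directory before the suffix is appended.

declare(strict_types=1);

const PAGE_DIR = __DIR__ . '/pages';            // hypothetical directory
const PAGES    = ['home', 'download', 'faq'];   // hypothetical page names

/**
 * Map an untrusted subject value to a file inside $baseDir.
 * Returns the canonical path, or null when the value is not acceptable.
 */
function resolve_subject(?string $subject, array $allowed = PAGES, string $baseDir = PAGE_DIR): ?string
{
    // 1. Allowlist: only exact, known page names are accepted.
    if ($subject === null || !in_array($subject, $allowed, true)) {
        return null;
    }

    // 2. Containment: canonicalise both paths (this resolves ".." and
    //    symlinks) and require the target to stay below the base directory.
    $base = realpath($baseDir);
    $path = realpath($baseDir . '/' . $subject . '.inc');
    if ($base === false || $path === false) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// Reject array-valued parameters such as ?subject[]=x before using the value.
$raw  = $_GET['subject'] ?? 'home';
$file = is_string($raw) ? resolve_subject($raw) : null;

if ($file === null) {
    http_response_code(404);
    exit('Unknown page');
}
include $file;
```

The allowlist alone rejects the traversal value from the report; the `realpath()` check is a second layer that still holds if a listed name is later replaced by a symlink pointing outside the directory.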