On 02/08/2011 05:32 PM, Robert Hajime Lanning wrote:
> That line is including a source file into the interpreter.
>
> Without the "preg_match" verification, they are able to "../../..." their way to the php file upload directory, where this statement would then include their trojan file.
>
> With the "preg_match" verification, this line will drop out if the cookie contains the dangerous characters like "../" (anything other than alphanumeric and ".").
I understand that. The problem I have is that there isn't any way for unauthenticated users to upload files to this server. This makes me worried that we didn't patch the actual vulnerability and instead just patched one path to the vulnerability.

--
Thanks
Jefferson Cowart
[email protected]

_______________________________________________
Tech mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
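The pattern the thread is discussing, as an added example that is not code from the original thread or from the affected site: a cookie-controlled include guarded by the alphanumeric-and-"." preg_match, plus a second check that the resolved path stays inside the include directory, so that the fix does not rest on a single regular expression. The cookie name, the directory and the default file are assumptions.

```php
<?php
// Added example, not the thread's own code. Assumed names: the "lang"
// cookie, the $includeDir directory and the "en" default file.

$includeDir = __DIR__ . '/lang';   // assumption: where the includable files live

// Vulnerable form described in the thread (no check at all):
//   include($includeDir . '/' . $_COOKIE['lang'] . '.php');
// A cookie value containing "../" walks out of $includeDir before the
// interpreter ever sees the ".php" suffix.

/**
 * Return an absolute path for the requested include, or null to refuse it.
 * Layer 1: the preg_match from the thread (alphanumeric and "." only).
 *          \A and \z are used so a trailing newline cannot slip past "$".
 * Layer 2: resolve the path and confirm it is still under $includeDir,
 *          so the decision does not depend only on the pattern.
 */
function safe_include_path(string $includeDir, string $name): ?string
{
    if (!preg_match('/\A[A-Za-z0-9.]+\z/', $name)) {
        return null;                       // "/", "\0", "../" etc. rejected
    }
    $base = realpath($includeDir);
    $path = realpath($includeDir . '/' . $name . '.php');
    if ($base === false || $path === false) {
        return null;                       // directory or file does not exist
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;                       // resolved outside the directory
    }
    return $path;
}

$name = $_COOKIE['lang'] ?? 'en';          // assumption: cookie name
$path = safe_include_path($includeDir, $name);
if ($path === null) {
    // Log the raw value hex-encoded so the log line itself cannot be abused.
    error_log('rejected include name from cookie: ' . bin2hex($name));
    $path = $includeDir . '/en.php';       // fall back to a known default
}
include $path;
```

The error_log line is also the detection hook: a burst of rejected names with "../" in them shows up in the server log whether or not an upload path exists.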
