 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 103
 Members: 0
 Total: 103
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
viewtopic 2.0.10 |
|
 Posted: Fri Feb 11, 2005 11:18 pm |
 |
|
| moep |
| Beginner |
 |
|
| Joined: Feb 12, 2005 |
| Posts: 1 |
|
|
|
 |
|
 |
|
hi,
I read about the flaw in viewtopic and tried it out myself.
But the whole thing didn't work as it should which is a bit strange.
If I insert a %2527 it prints an error message where I can see, that it indeed leaves the ' unquoted.
| Code: | | Fatal error: Failed evaluating code: preg_replace('#\b(')\b#i', '\1', '> |
But everthing else [ e.g. = , ( , ) ] gets quoted even if it is encapsed by %2527[...]%2527. Did I get the whole thing wrong, or shouldn't the '...' prevent the replace thingy from doing so?
Is is patched then? But then it shouldn't throw a error message at all, shouldn't it?
 |
|
|
|
|
| Posted: Fri Feb 25, 2005 3:16 pm |
|
|
| y3dips |
| Valuable expert |
 |
|
| Joined: Feb 25, 2005 |
| Posts: 281 |
| Location: Indonesia |
|
|
|
|
|
|
|
_________________
IO::y3dips->new(http://clog.ammar.web.id); |
|
|
|
| Posted: Mon May 30, 2005 12:41 pm |
|
|
| erila |
| Regular user |
 |
|
| Joined: May 30, 2005 |
| Posts: 8 |
|
|
|
|
|
|
|
Hi
That URL appears to be dead now - is the paper available elsewhere?
I'm looking for info about exploits in 2.0.10 myself now.
Thanks in advance. |
|
|
|
|
| Posted: Mon May 30, 2005 2:05 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| erila wrote: | Hi
That URL appears to be dead now - is the paper available elsewhere?
I'm looking for info about exploits in 2.0.10 myself now.
Thanks in advance. |
I did some Google query and found this mirror location:
www.geocities.com/paperecho/phpbbworm-eng.pdf
 |
|
|
|
|
|
|
|
|
| Posted: Tue May 31, 2005 2:43 pm |
|
|
| y3dips |
| Valuable expert |
|
|
| Joined: Feb 25, 2005 |
| Posts: 281 |
| Location: Indonesia |
|
|
|
|
|
|
| waraxe wrote: | | erila wrote: | Hi
That URL appears to be dead now - is the paper available elsewhere?
I'm looking for info about exploits in 2.0.10 myself now.
Thanks in advance. |
I did some Google query and found this mirror location:
www.geocities.com/paperecho/phpbbworm-eng.pdf
|
waraxe already open the secret 
yes i store it in geocities, you know they have limited bandwidth for an hour , so if its dead maybe u can download it in another time , coz my echo.or.id has limited bandwidth too thats why i place it in geocities :p 
but Now my friends (echo staff) has mirror it , u can download it from here
http://mirror.dedidwianto.or.id/echo/paper/phpbbworm-eng.pdf |
|
_________________
IO::y3dips->new(http://clog.ammar.web.id); |
|
|
|
|
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
