Re: # MHG Security Team --- PHORUM 5.1.13 Remote File Inc.

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: # MHG Security Team --- PHORUM 5.1.13 Remote File Inc.
From: brian@xxxxxxxxxx
Date: 19 Jun 2006 22:20:51 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

This is a bogus report.  Please mark it as such or remove it.  This so called 
exploit is nothing but an attemtpt to defame the name of Phorum.

1. common.php is checked on the very first line of non-comment code that it is 
not being called directly.  It has been this way in all 5.x version of Phorum.

2. The varialbe $PHORUM["http_path"] is only used for redirects and echoing in 
emails.  It is never used to include or open files.

3. Versions of Phorum before 5.0 did not use the variable at all.

THE MHG Security Team owes the Phorum Development Team a public apology.

Prev by Date: Re: file include exploits in nucleus 3.23
Next by Date: Re: PHP security (or the lack thereof)
Previous by thread: # MHG Security Team --- PHORUM 5.1.13 Remote File Inc.
Next by thread: [ GLSA 200606-14 ] GDM: Privilege escalation
Index(es):
- Date
- Thread