Package: jsboard
Version: 2.0.10-2
Severity: grave
Tags: sarge sid security patch

Please fix the directory traversal vulnerability.

http://marc.theaimsgroup.com/?l=bugtraq&m=110627201120011&w=2

Details
=======
PHP has a feature discarding the input values containing null characters
when magic_quotes_gpc = off. Because JSBoard session.php doesn't sanitize
$table variable, a malicious attacker can read arbitrary files.

---
include_once "include/print.php";
parse_query_str();

$opt = $table ? "&table=$table" : "";
$opts = $table ? "?table=$table" : "";
...snip...
---

This is CAN-2005-0300

URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0300

Reference: BUGTRAQ:20050120 STG Security Advisory: [SSA-20050120-22] JSBoard file disclosure
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=110627201120011&w=2
Reference: BID:12319
Reference: URL:http://www.securityfocus.com/bid/12319
Reference: XF:jsboard-session-file-include(18990)
Reference: URL:http://xforce.iss.net/xforce/xfdb/18990

Regards,

	Joey

-- 
The good thing about standards is that there are so many to choose from.
	-- Andrew S. Tanenbaum

Please always Cc to me when replying to me on the lists.
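
One way to validate a request parameter like the `table` value described in the advisory above, as an added example that is not part of the original report, not JSBoard's code and not the patch referred to in the tags. It assumes, hypothetically, that `table` names a per-board directory under a data root containing `config.php`; the function names and directory layout are illustrative.

```php
<?php
// Added example, not JSBoard code. Directory layout and names are hypothetical.

/** Return the board name if it is a plain identifier, otherwise null. */
function validate_table_name($raw): ?string
{
    // Arrays (table[]=x) and other non-strings are rejected outright.
    if (!is_string($raw)) {
        return null;
    }
    // Allowlist: letters, digits, underscore. \A and \z anchor the whole
    // string, so NUL bytes, slashes, dots and trailing newlines all fail.
    if (preg_match('/\A[A-Za-z0-9_]{1,32}\z/', $raw) !== 1) {
        return null;
    }
    return $raw;
}

/** Map a validated board name to a file that must live under $baseDir. */
function resolve_board_file(string $baseDir, $rawTable): ?string
{
    $table = validate_table_name($rawTable);
    $root  = realpath($baseDir);
    if ($table === null || $root === false) {
        return null;
    }
    // Second layer: canonicalise, then confirm the result is still inside $root.
    $path = realpath($root . DIRECTORY_SEPARATOR . $table . DIRECTORY_SEPARATOR . 'config.php');
    if ($path === false || strncmp($path, $root . DIRECTORY_SEPARATOR, strlen($root) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo: a temporary data directory with one board named "news".
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'boards_' . uniqid();
mkdir($base . DIRECTORY_SEPARATOR . 'news', 0700, true);
file_put_contents($base . DIRECTORY_SEPARATOR . 'news' . DIRECTORY_SEPARATOR . 'config.php', "<?php\n");

// Constructed inputs: one valid name, then values the validator must refuse.
$samples = ['news', 'missing', '../news', "news\0.txt", 'news/../news', ['news']];
foreach ($samples as $s) {
    $shown = is_string($s) ? addcslashes($s, "\0..\37") : gettype($s);
    echo str_pad($shown, 16), resolve_board_file($base, $s) === null ? "rejected\n" : "accepted\n";
}
```

The allowlist does the real work; the `realpath()` containment check is a second layer that also catches symlinks pointing outside the data root.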