Package: src:dtc
Version: 0.29.17-1
Severity: critical
Tags: security

Hi,

shared/inc/sql/lists.php includes code like

    if ($_REQUEST[$tunable_name]!=""){
        //i write in the file
        $write_line = "echo ".$_REQUEST[$tunable_name]." > ".$option_file;
        exec($write_line);
    }else{
        //i remove the file

and does not seem to check the contents of $_REQUEST for sanity as far as I can see. (I did not try actually using it as I do not have dtc set up.)

Regards,
Ansgar
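
Added example (not part of the original report and not dtc code): one way to store the same option without passing request data to a shell, by validating the value against a per-tunable pattern and writing it with file_put_contents(). The function name write_list_option, the tunable max_size, its pattern and the sample values are assumptions constructed for illustration.

```php
<?php
// Added example, not dtc code. All names here are hypothetical.

/**
 * Store or clear one list option without invoking a shell.
 * $allowed maps each known tunable name to a regex its value must match.
 */
function write_list_option(array $request, string $tunable_name,
                           string $option_file, array $allowed): bool
{
    if (!isset($allowed[$tunable_name])) {
        throw new InvalidArgumentException("unknown tunable: $tunable_name");
    }
    $value = $request[$tunable_name] ?? '';
    if (!is_string($value)) {
        // PHP turns a parameter sent as name[]=x into an array.
        throw new InvalidArgumentException("non-string value for $tunable_name");
    }
    if ($value === '') {
        // Empty value: remove the option file, mirroring the comment
        // in the else-branch quoted in the report.
        return !file_exists($option_file) || unlink($option_file);
    }
    if (preg_match($allowed[$tunable_name], $value) !== 1) {
        throw new InvalidArgumentException("rejected value for $tunable_name");
    }
    // The value is written as data and never parsed as a command.
    // "echo" appended a newline, so the file format is kept the same.
    return file_put_contents($option_file, $value . "\n", LOCK_EX) !== false;
}

// Constructed demonstration values.
$allowed = ['max_size' => '/\A[0-9]{1,6}\z/'];
$file = tempnam(sys_get_temp_dir(), 'opt');

write_list_option(['max_size' => '4096'], 'max_size', $file, $allowed);
echo file_get_contents($file);

try {
    // Shell metacharacters fail the pattern and never reach the file.
    write_list_option(['max_size' => '4096; echo injected'], 'max_size', $file, $allowed);
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), "\n";
}

write_list_option(['max_size' => ''], 'max_size', $file, $allowed);
var_dump(file_exists($file));
```

If a shell call cannot be avoided, escapeshellarg() on every interpolated value is the minimum, but removing exec() as above removes the injection point entirely.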