[Phpmyadmin-devel] Re: MAJOR security hole
"Thomas Bähr [Office]"
baehr at glaswald.de
Mon Aug 12 03:10:02 CEST 2002
Hi Robin and the others,
> > With using some of these URL's you can do stuff like:
> > http://www1.tsimtung.com/phpMyAdmin/sql.php?goto=/etc/passwd&btnDrop=No
>I've just merged a fix against that, but it needs some testing since I do
>not have a machine here which is affected by this security hole.
*G* that has been a very stupid function in the first place .. one should
always watch security when coding such stuff
I did not check how you fixed that but I guess the easiest way would be to
add $cfg[PmaAbsoluteUri] to the $is_gotofile var
so the above would result in
"http://www1.tsimtung.com/phpMyAdmin/etc/passwd" and therefore fail ;-)
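The thread above concerns a user-controlled `goto` parameter being used as a local file target. As an added illustration (my own example, not phpMyAdmin's code and not the fix Robin merged), the snippet below shows the defensive pattern a practitioner would want for such a parameter: an exact-match allowlist of known script names, with anything containing a directory component rejected outright. Prefixing the value with a base URI, as suggested in the message, changes what the string looks like but still leaves the decision to whatever consumes it; an allowlist removes that dependency. The function name `safe_goto`, the allowlist contents and the test inputs are all assumptions constructed for the example.

```php
<?php
// Added example (not phpMyAdmin code): validate a user-supplied "goto"
// parameter against a fixed allowlist of script names before it is used
// as a redirect or include target.

// Hypothetical allowlist of pages the "goto" parameter may name.
$allowed_goto = ['db_details.php', 'tbl_properties.php', 'main.php', 'sql.php'];

/**
 * Return the safe target for $goto, or $default when $goto is missing,
 * contains a path component or NUL byte, or is not on the allowlist.
 */
function safe_goto($goto, array $allowed, $default = 'main.php')
{
    if (!is_string($goto) || $goto === '') {
        return $default;
    }
    // Only a bare script name is acceptable: if basename() changes the
    // value, it contained a directory separator or traversal sequence.
    if ($goto !== basename($goto) || strpos($goto, "\0") !== false) {
        return $default;
    }
    // Exact, type-strict match against the allowlist; never a substring,
    // prefix or regular-expression test.
    return in_array($goto, $allowed, true) ? $goto : $default;
}

// Constructed inputs demonstrating the check.
$tests = [
    'db_details.php'    => 'db_details.php', // allowed
    '/etc/passwd'       => 'main.php',       // absolute path refused
    '../config.inc.php' => 'main.php',       // traversal refused
    'evil.php'          => 'main.php',       // not on the allowlist
];
foreach ($tests as $input => $expected) {
    $got = safe_goto($input, $allowed_goto);
    printf("%-20s -> %-16s %s\n", $input, $got, $got === $expected ? 'ok' : 'MISMATCH');
}
```

The value returned by `safe_goto()` is the only thing that should reach an `include` or a `Location:` header; the raw request parameter is never used after this point.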