| To: | Stefano Zanero <s.zanero@securenetwork.it> |
|---|---|
| Subject: | Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include |
| From: | Gadi Evron <ge@linuxbox.org> |
| Date: | Mon, 29 Jan 2007 13:00:15 -0600 (CST) |
| Cc: | trzindan@hotmail.fr, bugtraq@securityfocus.com |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | bugtraq-list@securepoint.com |
| Delivered-to: | mailing list bugtraq@securityfocus.com |
| Delivered-to: | moderator for bugtraq@securityfocus.com |
| In-reply-to: | <45BD101B.3020105@securenetwork.it> |
| List-help: | <mailto:bugtraq-help@securityfocus.com> |
| List-id: | <bugtraq.list-id.securityfocus.com> |
| List-post: | <mailto:bugtraq@securityfocus.com> |
| List-subscribe: | <mailto:bugtraq-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:bugtraq-unsubscribe@securityfocus.com> |
| Mailing-list: | contact bugtraq-help@securityfocus.com; run by ezmlm |
How can we all automate the testing process for fake vulns in and list them as such without overburdening OSVDB, CVE, Milworm and SecuriTeam? On Sun, 28 Jan 2007, Stefano Zanero wrote: > trzindan@hotmail.fr wrote: > > > local Calendar System v1.1 (lcStdLib.inc) Remote File Include > > Fake vuln > > > code : > > The variables are set in config.php > > > exploit: > > You never tested them. Which is pretty lame. > > Stefano > |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: Fake: Open Conference Systems = 2.8.2 Remote File Inclusion, Michał Melewski |
|---|---|
| Next by Date: | Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects, Chris Travers |
| Previous by Thread: | Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Stefano Zanero |
| Next by Thread: | Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Stefano Zanero |
| Indexes: | [Date] [Thread] [Top] [All Lists] |