small security problems

Started by Andi, October 23, 2004, 07:07:02 PM

Andi

Hi dev-Team :)

The following files can be called directly and display some error messages (full path disclosure):

include/search.inc.php,v 1.9 2004/09/30 22:30:38 nibbler999
include/plugin_api.inc.php,v 1.10 2004/09/04 00:40:22 kegobeer
include/picmgmt.inc.php,v 1.26 2004/10/22 09:36:39 caspershadow
include/keyword.inc.php,v 1.2 2004/08/13 04:27:20 gaugau
include/media.functions.inc.php,v 1.8 2004/09/25 19:09:44 caspershadow
include/langfallback.inc.php,v 1.8 2004/10/05 11:54:01 adityamooley
include/logger.inc.php,v 1.11 2004/08/08 09:57:13 gaugau
plugins/sef_urls/codebase.php,v 1.3 2004/08/08 20:48:47 oddeveloper
plugins/sef_urls/codebase.php,v 1.4 2004/08/08 10:06:56 gaugau

The same is in all language files.

With some only, if error_reporting is switched on  ;)


Maybe it's a good idea to put this line:
if (!defined('IN_COPPERMINE')) die('Not in Coppermine...');
at the top of the file


Additionally, but I'm not sure....

In file include/keyword.inc.php,v 1.2 2004/08/13 04:27:20 gaugau there are these 2 lines at the top of the file:
define('IN_COPPERMINE', true);
define('SEARCH_PHP', true);

Is this correct?
hope, I could help you... :)

Joachim Müller

Quote from: Andi on October 23, 2004, 07:07:02 PM
The following files can be called directly and display some error messages (full path disclosure):

include/search.inc.php,v 1.9 2004/09/30 22:30:38 nibbler999
include/plugin_api.inc.php,v 1.10 2004/09/04 00:40:22 kegobeer
include/picmgmt.inc.php,v 1.26 2004/10/22 09:36:39 caspershadow
include/keyword.inc.php,v 1.2 2004/08/13 04:27:20 gaugau
include/media.functions.inc.php,v 1.8 2004/09/25 19:09:44 caspershadow
include/langfallback.inc.php,v 1.8 2004/10/05 11:54:01 adityamooley
include/logger.inc.php,v 1.11 2004/08/08 09:57:13 gaugau
plugins/sef_urls/codebase.php,v 1.3 2004/08/08 20:48:47 oddeveloper
plugins/sef_urls/codebase.php,v 1.4 2004/08/08 10:06:56 gaugau

The same is in all language files.

With some only, if error_reporting is switched on  ;)


Maybe it's a good idea to put this line:
if (!defined('IN_COPPERMINE')) die('Not in Coppermine...');
at the top of the file

Although there's little threat potential if an attacker tries to directly browse those files, I added the line as you suggested.

Quote from: Andi on October 23, 2004, 07:07:02 PM
Additionally, but I'm not sure....

In file include/keyword.inc.php,v 1.2 2004/08/13 04:27:20 gaugau there are these 2 lines at the top of the file:
define('IN_COPPERMINE', true);
define('SEARCH_PHP', true);

Is this correct?

Yes, this is correct: the definition just says what var inside the language file to use - to keep things simpler and avoid redundancy, I used the lang vars from search.php.

Joachim

Andi

Hi Joachim :)
I believe that was a misunderstanding.
With the constant SEARCH_PHP I was irritated and not sure.
But something is not correct with the constant IN_COPPERMINE.

In the new file version (keyword.inc.php,v 1.3 2004/10/24 12:49:42 gaugau) are these 2 lines:

line #19 : define('IN_COPPERMINE', true);

line #22 : if (!defined('IN_COPPERMINE')) { die('Not in Coppermine...');}

;) oh god my English...., sorry  :)
hope, I could help you... :)

Joachim Müller

You're right, that's a contradiction in terms. Both definitions are useless, I dropped them from the code.

Joachim
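
The two problems raised in this thread (include files without the `IN_COPPERMINE` guard, and a guard that can never fire because the same file defines the constant first) can be checked for mechanically. The following audit script is an added example, not part of the original thread or of Coppermine's code; the sample files and their names are constructed, and the `late-guard` verdict goes slightly beyond the thread by also flagging a guard that is not the first statement in the file.

```python
import re
import tempfile
from pathlib import Path
# The guard suggested in the thread; spacing, quotes and braces may vary.
GUARD = re.compile(
    r"if\s*\(\s*!\s*defined\s*\(\s*['\"]IN_COPPERMINE['\"]\s*\)\s*\)\s*\{?\s*(?:die|exit)\b")
# The include file defining the constant itself, as keyword.inc.php v1.3 did.
SELF_DEFINE = re.compile(r"\bdefine\s*\(\s*['\"]IN_COPPERMINE['\"]")
# Heuristic comment stripping so a commented-out guard does not count.
COMMENTS = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*", re.S)

def classify(php_source):
    code = COMMENTS.sub("", php_source)
    guard = GUARD.search(code)
    if guard is None:
        return "missing-guard"      # file runs when requested directly
    before = code[:guard.start()]
    if SELF_DEFINE.search(before):
        return "self-defined"       # guard can never fire
    if before.replace("<?php", "").strip():
        return "late-guard"         # other code runs before the check
    return "ok"

def audit(root):
    findings = {}
    for path in sorted(Path(root).rglob("*.php")):
        verdict = classify(path.read_text(errors="replace"))
        if verdict != "ok":
            findings[path.relative_to(root).as_posix()] = verdict
    return findings

# Constructed sample files (hypothetical names), not Coppermine's real sources.
SAMPLES = {
    "include/unguarded.inc.php": "<?php\n/* header */\nfunction f() { return 1; }\n",
    "include/guarded.inc.php": "<?php\n// header\nif (!defined('IN_COPPERMINE')) die('Not in Coppermine...');\n",
    "include/selfdef.inc.php": "<?php\ndefine('IN_COPPERMINE', true);\nif (!defined('IN_COPPERMINE')) { die('Not in Coppermine...');}\n",
}

def demo():
    with tempfile.TemporaryDirectory() as root:
        for name, body in SAMPLES.items():
            target = Path(root, name)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body)
        return audit(root)

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{verdict:14} {name}")
```

Point `audit()` only at directories that hold include-only files; scripts meant to be requested directly are expected to define the constant themselves and would be reported as `missing-guard`.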