[HACK] Bug en el PHP Script GoldLink v3.0 (Advisory)
RaiSe
raise at netsearch-ezine.com
Tue Feb 4 15:01:09 CET 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Buenas.
Existe un bug en el script de intercambio de links GoldLink v3.0 (muy
utilizado en webs Hispanas), que permite ejecutar comandos remotamente
(con privilegios del demonio web), ver ficheros de configuracion de la
base de datos, etc.
Os pongo el link del advisory que ha salido en Undersec:
http://www.undersec.com/advisories/GoldLink_Advisory.txt
Un saludo.
==============-----------------------------==============
RaiSe
UNDERSEC Security Team / http://www.undersec.com
NetSearch Ezine Staff / http://www.netsearch-ezine.com
ysfk>2{5~~2s~eska2~}dw2k}g<<< XOR 18
==============-----------------------------==============
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Made with pgp4pine 1.76
iD8DBQE+P5gGSP4h0VxUtqMRAqpwAJ9udniB1Aa5ad+cIURQjFLlCgSo+wCfdbcL
O6uyNJS5Fxlm0VXUxmMXsAI=
=YllS
-----END PGP SIGNATURE-----
More information about the hacking
mailing list