MantisBT

ID: 0005655
Project: ATutor
Category: atutor.ca
View Status: public
Date Submitted: 2016-03-19 11:37
Last Update: 2016-06-30 17:43
Reporter: mr_me
Assigned To: mr_me
Priority: high
Severity: minor
Reproducibility: always
Status: closed
Resolution: fixed
Platform: Unix
OS:
OS Version:
Product Version: 2.2.1
Target Version: 2.2.1
Fixed in Version: 2.2.2
Summary: 0005655: Arbitrary file read in view_item.php
Description: http://172.16.175.152/ATutor/mods/_standard/forums/view_item.php?url=/etc/passwd&h=


        define('AT_INCLUDE_PATH', '../../../include/');
        require(AT_INCLUDE_PATH.'vitals.inc.php');

        $url = urldecode($_GET['url']);

        @readfile($_GET['url']);


Tags: No tags attached.
Affects version: SVN
SVN Revision#: f9bb47d..d4c0013
Attached Files: read.png (451,207 bytes) 2016-03-19 11:37
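
The snippet in the description passes `$_GET['url']` straight to `readfile()`. A hardened form of that pattern, added here as an example: it is not ATutor code and not the fix that was applied (the project removed the file). The base directory `FORUM_FILE_DIR` and the function names are assumptions.

```php
<?php
// Added example, not ATutor code. FORUM_FILE_DIR, resolve_inside() and
// serve_forum_file() are hypothetical names; the directory is an assumption.
const FORUM_FILE_DIR = '/var/www/atutor-content/forums';

// Return the canonical path of $requested if it is a regular file inside
// $baseDir, otherwise null.
function resolve_inside(string $baseDir, string $requested): ?string
{
    $base = realpath($baseDir);
    if ($base === false || $requested === '' || strpos($requested, "\0") !== false) {
        return null;
    }
    // realpath() collapses "../" and symlinks and returns false for missing
    // paths. Because the input is appended to the base directory, values such
    // as "/etc/passwd" or "php://..." are treated as (missing) names under it.
    $path = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($path === false || !is_file($path)) {
        return null;
    }
    // Trailing separator so ".../forums-old" is not accepted for ".../forums".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

function serve_forum_file(array $query): void
{
    $name = (isset($query['url']) && is_string($query['url'])) ? $query['url'] : '';
    $path = resolve_inside(FORUM_FILE_DIR, $name);
    if ($path === null) {
        http_response_code(404);   // same answer for "missing" and "outside base"
        return;
    }
    header('Content-Type: application/octet-stream');
    header('X-Content-Type-Options: nosniff');
    readfile($path);               // no "@": let failures reach the error log
}

// Session and permission checks are assumed to run before this point.
if (PHP_SAPI !== 'cli') {
    serve_forum_file($_GET);
}
```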

- Relationships

-  Notes
(0007349)
mr_me (developer)
2016-03-19 11:37

remember, auth can be bypassed...
(0007360)
mr_me (developer)
2016-03-21 10:04

Patch: https://github.com/atutor/ATutor/pull/114
(0007367)
greg (administrator)
2016-03-23 19:56

File no longer in use
(0007447)
greg (administrator)
2016-06-30 17:43

Close for 2.2.2

- Related Changesets
ATutor: master d1466eb6
Timestamp: 2016-03-23 19:54:15
Author: greg
5655 removed vulnerable, deprecated file, from stevenseeley
rm - mods/_standard/forums/view_item.php

- Issue History
Date Modified Username Field Change
2016-03-19 11:37 mr_me New Issue
2016-03-19 11:37 mr_me Status new => assigned
2016-03-19 11:37 mr_me Assigned To => greg
2016-03-19 11:37 mr_me File Added: read.png
2016-03-19 11:37 mr_me Note Added: 0007349
2016-03-21 10:04 mr_me Note Added: 0007360
2016-03-23 19:56 greg SVN Revision# => f9bb47d..d4c0013
2016-03-23 19:56 greg Note Added: 0007367
2016-03-23 19:56 greg Status assigned => resolved
2016-03-23 19:56 greg Fixed in Version => 2.2.2
2016-03-23 19:56 greg Resolution open => fixed
2016-03-23 19:56 greg Assigned To greg => mr_me
2016-04-16 16:15 greg Changeset attached => ATutor master d1466eb6
2016-06-30 17:43 greg Note Added: 0007447
2016-06-30 17:43 greg Status resolved => closed

