Login | Register For Free | Help	Search this list this category for: (Advanced)

Mailing List Archive: Bugtraq: Bugtraq Re: New Include Redirect Bug XSS All vBulletin(r) v 3.x.x   Index | Next | Previous | View Flat

coley at mitre Jun 21, 2007, 1:21 PM Views: 289 Permalink Re: New Include Redirect Bug XSS All vBulletin(r) v 3.x.x Scott MacVicar said: >There is a much more significant issue than executing an XSS if you >can upload a file to a remote site... XSS could be put into an image that's allowed to be uploaded, then directory traversal could be used to reference that image. The image data could be very small and made to look like it's conformant. XSS could be put into log files (such as the web server log files) simply by including it in an arbitrary request, then directory traversal can be used to reference that log file. Both of these techniques are commonly used in PHP exploits. There are probably others. Then there's the whole possibility of using directory traversal to reference completely unexpected code, which could prevent important variables from being set, but people haven't researched that technique very much. In short - you don't need to create a file, you merely need to influence its contents. - Steve

Subject User Time Re: New Include Redirect Bug XSS All vBulletin(r) v 3.x.x coley at mitre Jun 21, 2007, 1:21 PM     Re: Re: New Include Redirect Bug XSS All vBulletin(r) v 3.x.x scott-REMOVE- at vbulletin Jun 22, 2007, 3:30 AM

Index | Next | Previous | View Flat   Bugtraq     Bugtraq

Interested in having your list archived? Contact lists@gossamer-threads.com
 

Web Applications & Managed Hosting Powered by Gossamer Threads Inc.