Okay hello all.I make it fast i running phpnuke 7.5 and got Sentinal 2.1 iinstalled.Everything is running ok but today i got a warning that my nuke is still hackable.I am not posting the Exploit only what the Exploit Shows us like this
Warning: main(): open_basedir restriction in effect. File(../../../includes/sentinel.php) is not within the allowed path(s): (/home/sonic:/usr/lib/php:/usr/local/lib/php:/tmp) in /home/111/public_html/mainfile.php on line 3
Warning: main(../../../includes/sentinel.php): failed to open stream: Operation not permitted in /home/111/public_html/mainfile.php on line 3
Warning: main(): Failed opening '../../../includes/sentinel.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/111/public_html/mainfile.php on line 3
Warning: main(): open_basedir restriction in effect. File(../../../config.php) is not within the allowed path(s): (/home/sonic:/usr/lib/php:/usr/local/lib/php:/tmp) in /home/111/public_html/mainfile.php on line 118
Warning: main(../../../config.php): failed to open stream: Operation not permitted in /home/111/public_html/mainfile.php on line 118
Fatal error: main(): Failed opening required '../../../config.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/111/public_html/mainfile.php on line 118
This is it now he said that he can hack my Nuke with these Data.Any Experts here let me know if this true? and when its true how can i patch this? Waiting 4 reply thanks
Evaders99 Site Admin
Joined: Aug 17, 2003
Posts: 12389
Posted:
Sun Jan 23, 2005 11:40 am
Basically its a standard path disclosure problem. Having this out won't lead to a direct attack, but it may be possible to use this knowledge to do some nasty stuff if your server is already compromised.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
