Potential Issue

[WB]

Chuck:

Could you comment on:

http://secunia.com/advisories/21971/

the original advisory section listed there.

It mentions 2.5 but notes that other versions could still be vulnerable.

Could you check that out to see if that is still an issue with 3.3 and above?

Thanks!

[Chuck S]

Doesnt seem to be an issue that I see

http://www.reeftalk.com/reviews/inde...k.com/test.php

[Michael P]

I believe that all the security code added to all our products came out in RP3.0 which was still over a year ago.

RP 2.5 was released back in 1/2004.

[WB]

Chuck:

Thanks.

The URL looks like it has RR_PATH versus RP_PATH in it. I assume that was a typo and that the test was with RP_PATH.

On a more general note, so 3.3x versions properly verify input pass to variables like 'RP_PATH' such that similar types of remote includes, etc. aren't an issue?

Thanks for the quick response!

[WB]

Quote:

Originally Posted by Michael P

I believe that all the security code added to all our products came out in RP3.0 which was still over a year ago.

RP 2.5 was released back in 1/2004.

Michael:

Thanks, just saw your message after posting my reply to Chuck.

So I take it then that generally speaking the security code added properly verifies input pass to variables like 'RP_PATH' such that similar types of remote includes, etc. aren't an issue?

[Chuck S]

We only define variables in our typecast function.

$RP_PATH is only set in config file

The issue with earlier versions is that we got all variables through a standard $_GET from the url but now we typecast only certain variables and define them either as INT and STRING

[WB]

I see, thanks for the explanation.