| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 29 Mar 2006 15:22:14 +1200 From: Jasper Bryant-Greene <jasper@...um.co.nz> To: Tõnu Samuel <tonu@....ee> Cc: Stefan Esser <sesser@....net>, bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk Subject: Re: Critical PHP bug - act ASAP if you are running web with sensitive data Tõnu Samuel wrote: > > Nice! I was really nervous already as I got bombed with e-mails and I > really did not knew much more than was discovered. Meanwhile I am bit > disappointed that we had nearly month such a bug in wild and software > distributors like SuSE in my case did not published patches. I think as > long enough time passed and I hope distributors maybe need to see it - I > publish exploit. Sorry, this was discovered independently and for me it > looks like very serious problem. > > Script is: > <?php > > $foobar=html_entity_decode($_GET['foo']); > echo $foobar; > > ?> I very much doubt there are many applications at all containing code like this. It is illogical to be decoding html entities from user input. Therefore I would not call this a "very serious problem" and certainly not a critical bug. Jasper _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists