| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed Mar 29 08:18:47 2006 From: tonu at jes.ee (Tõnu Samuel) Subject: Critical PHP bug - act ASAP if you are running web with sensitive data ---------- Forwarded Message ---------- Subject: Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data Date: Wednesday 29 March 2006 10:06 From: T?nu Samuel <tonu@....ee> To: Jasper Bryant-Greene <jasper@...um.co.nz> On Wednesday 29 March 2006 08:54, you wrote: > Sure, this is still a fairly serious bug. (As an aside, if you have > sensitive data, you really shouldn't allow users to upload new scripts, > or be running in a shared hosting env.) There is a one vector most people do not seem to know. You can telnet to port 80 and say GET <?php ..... write full script there and include web server log file later. Who knows what else blackhats can do. Every single hole must be closed. > I can't speak for other distros, but there's a bug in Gentoo Bugzilla > for this: http://bugs.gentoo.org/127939 Thank you! I think this problem must be fixed in every PHP version, not only 5.1 series. They knew about it but never told. That's bad. T?nu -------------------------------------------------------
Powered by blists - more mailing lists