| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <004901c458c0$417c8060$5746370a@nsp.co.nz> From: venom at gen-x.co.nz (VeNoMouS) Subject: flaw in php_exec_dir patch Found a issue last night while testing php_exec_dir patch if you do the following $blah=`ps aux`; echo nl2br($blah); php_exec_dir will block the call if you have set the exec_dir parm in php or apache anyway.... if you do this $blah=`;ps aux`; echo nl2br($blah); it bypasses the exec block and excutes the ps due to the ';', as bash interrupts ';' as a new cmd, ive emailed the author but no response. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040623/9a58f4be/attachment.html
Powered by blists - more mailing lists