Message-ID: <442A1DF9.20805@album.co.nz>
Date: Wed Mar 29 06:41:24 2006
From: jasper at album.co.nz (Jasper Bryant-Greene)
Subject: Critical PHP bug - act ASAP if you are running web with sensitive data

My point is, can you think of a logical reason why html_entity_decode
would be run on user input? I'm sure some idiot is doing it (and
therefore this is a security issue, though not exactly critical), but I
don't think I can think of a reason why it would be done.

Why would you want to decode HTML entities given by a user? The opposite
(encode their input into HTML entities) is the usual approach...

Jasper

Slythers Bro wrote:
>
>
> <?php
> $host = "127.0.0.1";
> $user = "sqluser";
> $pass = "sqlpass";
>
> .....
>
> $foobar=html_entity_decode($_GET['foo']);
> echo $foobar;
>
> ?>