OSEC

Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file

From: Eygene Ryabinkin (rea-seccodelabs.ru)
Date: Sat Dec 06 2008 - 06:47:14 CST


Maksymilian, Ilia, good day.

Thu, Nov 27, 2008 at 11:54:44PM -0000, cxibsecurityreason.com wrote:
> [ SecurityReason.com PHP 5.2.6 dba_replace() destroying file ]
[...]
> - --- 1. dba_replace() destroying file ---
>
> Function dba_replace() is not filtering the key and value strings. There
> is a possibility of destroying the file.

This vulnerability exists in the 4.x line as well and it is still unpatched.
I had verified it for the dba extension from 4.4.9.

According to the revision log,
  http://cvs.php.net/viewvc.cgi/php-src/ext/dba/libinifile/inifile.c?view=log&pathrev=
there is no fix in the official PHP tree for 4.x yet.
--
Eygene
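As an added defensive example (not code from this thread, from SecurityReason or from the PHP project), the wrapper below validates keys and values before they reach dba_replace() on an inifile-backed database, so that an application is not relying on the extension to filter them. The class name SafeIniDba and the set of rejected characters (line breaks and NUL in either string; '[', ']' and '=' in keys, since those are structural in the ini format) are assumptions chosen conservatively here and are not the check PHP later shipped.

```php
<?php
// Added example, not from the list post or from PHP's own dba sources:
// a wrapper that refuses keys/values which could alter the structure of an
// inifile-format database instead of passing them through to dba_replace().
// The rejected character set is an assumption made for this example.

final class SafeIniDba
{
    /** @var resource|\Dba\Connection handle returned by dba_open() */
    private $db;

    public function __construct(string $path)
    {
        // 'c' = create if missing, read/write; 'inifile' is the handler the
        // advisory concerns (ext/dba/libinifile).
        $db = dba_open($path, 'c', 'inifile');
        if ($db === false) {
            throw new RuntimeException("cannot open $path with the inifile handler");
        }
        $this->db = $db;
    }

    // A line break or NUL in either string would start a new line (or cut the
    // record short) inside the database file, so neither is ever accepted.
    private static function rejectLineControl(string $s, string $what): void
    {
        if (strpbrk($s, "\r\n\0") !== false) {
            throw new InvalidArgumentException("$what contains a line break or NUL");
        }
    }

    // Keys additionally may not contain the ini structural characters.
    private static function checkKey(string $key): void
    {
        if ($key === '') {
            throw new InvalidArgumentException('key is empty');
        }
        self::rejectLineControl($key, 'key');
        if (strpbrk($key, "[]=") !== false) {
            throw new InvalidArgumentException("key contains one of '[', ']' or '='");
        }
    }

    public function replace(string $key, string $value): bool
    {
        self::checkKey($key);
        self::rejectLineControl($value, 'value');
        return dba_replace($key, $value, $this->db);
    }

    public function fetch(string $key): ?string
    {
        self::checkKey($key);
        $v = dba_fetch($key, $this->db);
        return $v === false ? null : $v;
    }

    public function close(): void
    {
        dba_close($this->db);
    }
}

// Usage with constructed sample data: the second call is rejected before the
// newline-bearing value can be written into the file.
$db = new SafeIniDba(sys_get_temp_dir() . '/safe-ini-example.db');
try {
    var_dump($db->replace('colour', 'blue'));          // bool(true)
    var_dump($db->fetch('colour'));                    // string(4) "blue"
    $db->replace('colour', "blue\n[injected]");        // throws InvalidArgumentException
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
} finally {
    $db->close();
}
```

The wrapper fails closed: anything outside the allowed character set is an error at the call site, which is also where an application can log the rejected write for later review.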