 |
 |
 |
 |
|
|
Date: 07/14/01
- Next message: Arno A. Karner: "[phplib] security register_global vars"
- Previous message: Jeff Stuart: "[phplib] Re[2]: [phplib-dev] security: READ THIS!"
- In reply to: Jeff Stuart: "[phplib] Re[2]: [phplib-dev] security: READ THIS!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sat, 14 Jul 2001, Jeff Stuart wrote:
> Hello nathan,
>
>
> Ok.. let me ask a stupid question here.
>
> Exactly WHAT is the hole? You're redirecting $_PHPLIB[libdir]. Ok.. so my
> prepend.php3 has the following:
[snip prepend.php3]
>
> Now since I define my database connections in local.inc, exactly WHAT is the
> problem? My script won't work. Oh no! Some "hacker" just broke my script
> but just for him/her. Or am I just being dense here?
>
An evil user could simply import a modified verion of phplib from their
own site into your running app that did nasty things like email your db
passwords, app passwords, delete things, etc.. It could, potentially, be
very devistating.
I will generate a 7.2d with this change and send it to the approprerate
places by tommorow morning. Giancarlo, can you generate a security
advisement (with description of hole and exploit code) and send it to me
off-list please for inclusion with the annoucenment?
-n
-- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- nathan hruby / digital statement nathan <email protected> http://www.dstatement.com/Public GPG key can be found at: http://www.dstatement.com/nathan-gpg-key.txt ED54 9A5E 132D BD01 9103 EEF3 E1B9 4738 EC90 801B -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-- Abbestellen mit Mail an: phplib-unsubscribe <email protected> Kommandoliste mit Mail an: phplib-help <email protected>
- Next message: Arno A. Karner: "[phplib] security register_global vars"
- Previous message: Jeff Stuart: "[phplib] Re[2]: [phplib-dev] security: READ THIS!"
- In reply to: Jeff Stuart: "[phplib] Re[2]: [phplib-dev] security: READ THIS!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]