Re: (php?) bug exploit report

To: debian-security@lists.debian.org
Cc: Csan <csani@lme.linux.hu>
Subject: Re: (php?) bug exploit report
From: Oliver Hitz <oliver@net-track.ch>
Date: Tue, 20 Jan 2004 10:00:04 +0100
Message-id: <[🔎] 20040120090004.GB3007@net-track.ch>
Mail-followup-to: debian-security@lists.debian.org, Csan <csani@lme.linux.hu>
In-reply-to: <[🔎] 1074519612.400bde3c5cfb5@mail.dominet.hu>
References: <[🔎] 1074519612.400bde3c5cfb5@mail.dominet.hu>

On 19 Jan 2004, Csan wrote:
> The URL is part of a postnuke site and they could start up the telnetd binary
> with invoking an URL similar to the above URL!
> Is this a known sechole?

I think you should be able to avoid such exploits by using PHP's safe
mode. It allow you, among other things, to specify that only files in
a particular directory may be executed. This way, even if someone
succeeds uploading an exploit onto your server, he won't be able to run
it.

Regards,

Oliver

Reply to:

Follow-Ups:
- Re: (php?) bug exploit report
  - From: Chris Morris <cim@durge.org>
- Re: (php?) bug exploit report
  - From: Thomas Sjögren <thomas@northernsecurity.net>

References:
- (php?) bug exploit report
  - From: Csan <csani@lme.linux.hu>

Prev by Date: Re: Release.gpg files gone?
Next by Date: Re: (php?) bug exploit report
Previous by thread: Re: (php?) bug exploit report
Next by thread: Re: (php?) bug exploit report
Index(es):
- Date
- Thread