Full Disclosure mailing list archives
PHP Exploit
From: full-disclosure () lists netsys com (Ulf Härnhammar)
Date: Tue, 23 Jul 2002 12:27:59 +0200
Description: PHP contains code for intelligently parsing the headers of HTTP POST requests. The code is used to differentiate between variables and files sent by the user agent in a "multipart/form-data" request. This parser has insufficient input checking, leading to the vulnerability.
Another hole in the same part of the code as last time..
Workaround: If the PHP applications on an affected web server do not rely on HTTP POST input from user agents, it is often possible to deny POST requests on the web server.
Seeing as the multipart/form-data MIME type is mostly used with file uploads (forms without file uploads usually use the application/x-www-form-urlencoded MIME type), perhaps you could protect yourself by setting file_uploads to off in php.ini, or maybe that doesn't work for some reason.
// Ulf Harnhammar