oss-sec mailing list archives
Re: PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
From: Johannes Schlüter <johannes () php net>
Date: Thu, 28 Jun 2012 12:34:17 +0200
Hi,

On Wed, 2012-06-27 at 23:12 -0600, Kurt Seifried wrote:

> http://php.net/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 shows authors, SAPI modules (and their authors) and normal modules (and their authors), resulting in a significant information disclosure (version #'s can be narrowed down from the authors list).

I have barely seen attackers actually trying to figure out the version number. 99% are directly trying to exploit known vectors using some scripts. And to get the version number there's a way simpler way, also controlled using the same php.ini setting:

    $ echo "HEAD / HTTP/1.0\n" | nc www.php.net 80 | grep PHP
    Server: Apache/1.3.41 (Unix) PHP/5.2.17
    X-Powered-By: PHP/5.2.17

johannes
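The HEAD request above is the quickest way for an administrator to verify that a server is not advertising its PHP version. The following script is an added example, not code from the thread or from the PHP project: it parses a raw HTTP response head the way the grep in the reply does, reports which headers (Server: or X-Powered-By:) carry a PHP/x.y.z token, and can optionally run a live HEAD request against one's own host. The php.ini directive it refers to is expose_php, which controls both the easter-egg query string and the version token in those headers; the sample responses are constructed, not captured.

```python
"""Detect PHP version disclosure in HTTP response headers.

Added example (not part of the original mailing-list thread). The reply shows
that the Server: and X-Powered-By: headers reveal the PHP version when
expose_php is enabled; this script parses such headers and flags the leak so
an administrator can confirm that `expose_php = Off` actually took effect.
"""
import http.client
import re

# Matches "PHP/5.2.17"-style tokens inside a header value.
PHP_VERSION_RE = re.compile(r"PHP/(\d+(?:\.\d+)*)")

# Constructed sample mirroring the headers quoted in the reply (not a live capture).
SAMPLE_LEAKY = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/1.3.41 (Unix) PHP/5.2.17\r\n"
    "X-Powered-By: PHP/5.2.17\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
)

# Constructed sample of the same server after expose_php = Off (assumed hardened config).
SAMPLE_HARDENED = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
)


def parse_headers(raw):
    """Parse a raw HTTP response head into (lowercased name, value) pairs."""
    headers = []
    for line in raw.split("\r\n")[1:]:  # skip the status line
        if not line:  # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return headers


def php_version_leaks(raw):
    """Return {header_name: version} for every header that reveals a PHP version."""
    leaks = {}
    for name, value in parse_headers(raw):
        if name in ("server", "x-powered-by"):
            match = PHP_VERSION_RE.search(value)
            if match:
                leaks[name] = match.group(1)
    return leaks


def check_host(host, port=80, path="/"):
    """Send a HEAD request (the nc one-liner, in Python) to a host you administer
    and return the leaked versions; rebuilds the raw head so the same parser applies."""
    conn = http.client.HTTPConnection(host, port, timeout=10)
    try:
        conn.request("HEAD", path)
        resp = conn.getresponse()
        raw = "HTTP/1.1 %d %s\r\n" % (resp.status, resp.reason)
        raw += "".join("%s: %s\r\n" % (k, v) for k, v in resp.getheaders()) + "\r\n"
    finally:
        conn.close()
    return php_version_leaks(raw)


if __name__ == "__main__":
    for label, sample in (("leaky", SAMPLE_LEAKY), ("hardened", SAMPLE_HARDENED)):
        leaks = php_version_leaks(sample)
        print(label, "->", leaks if leaks else "no PHP version in headers")
```

Run it as-is to see both constructed samples classified; call check_host("your.server.example") only against a host you operate. An empty result after setting expose_php = Off confirms the change is live; a remaining PHP/ token in Server: usually means the web server was not restarted or a different php.ini is being read.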
Current thread:
- PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 Kurt Seifried (Jun 27)
- Re: PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 Pierre Joye (Jun 27)
- Re: PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 Kurt Seifried (Jun 28)
- Re: PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 Oden Eriksson (Jun 28)
- Re: PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 Kurt Seifried (Jun 28)
- Re: PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 Matthias Weckbecker (Jun 27)
- Re: PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 Johannes Schlüter (Jun 28)
- Re: Re: PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 Stuart Henderson (Jun 28)
- RE: Re: PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 Zeev Suraski (Jun 28)
- Re: Re: PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 Kurt Seifried (Jun 28)
- Re: Re: PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 Rasmus Lerdorf (Jun 28)
- Re: Re: PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 Stuart Henderson (Jun 28)
- Re: PHP information disclosure via easter egg ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 Pierre Joye (Jun 27)