Full Disclosure mailing list archives
Re: Critical PHP bug - act ASAP if you are running web with sensitive data
From: Tõnu Samuel <tonu () jes ee>
Date: Wed, 29 Mar 2006 08:51:18 +0300
Jasper Bryant-Greene wrote:
My point is, can you think of a logical reason why html_entity_decode would be run on user input? I'm sure some idiot is doing it (and therefore this is a security issue, though not exactly critical), but I don't think I can think of a reason why it would be done.Why would you want to decode HTML entities given by a user? The opposite (encode their input into HTML entities) is the usual approach...
Ok, this "critical" is my fault. Seeing memory dump of other user data seems serious enough to me and I suspected it might affect different functions despite this one. Now when we know more, I agree that it is less critical than suspected by me. Still it is a problem and as subject told: "if you are running web with sensitive data". Malicious user can upload new script and see what others are doing. In most cases not so critical as I assumed but still bad enough and I really expect to see announcements for such problems faster and patches to come out (I mean RPM-s this time). Right now my systems are unprotected till I start to make packages myself or Novell is going to make one. Three weeks is too much. And what about PHP 4.x and 5.0 users?
Tõnu _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Critical PHP bug - act ASAP if you are running web with sensitive data Tõnu Samuel (Mar 28)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Tõnu Samuel (Mar 28)
- Re: Critical PHP bug - act ASAP if you are runningweb with sensitive data FuntKlakow (Mar 28)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Stefan Esser (Mar 28)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Tõnu Samuel (Mar 28)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Jasper Bryant-Greene (Mar 28)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Slythers Bro (Mar 28)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Slythers Bro (Mar 28)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Jasper Bryant-Greene (Mar 28)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Tõnu Samuel (Mar 28)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Jasper Bryant-Greene (Mar 28)
- Re: PHP html_decode_entity vulnerability Tõnu Samuel (Mar 29)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Tõnu Samuel (Mar 28)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Tõnu Samuel (Mar 28)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Tõnu Samuel (Mar 28)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Jeff Rosowski (Mar 29)