preilly at wikimedia
May 21, 2012, 1:26 PM
Post #2 of 2
(176 views)
Permalink
|
|
Re: Security alert: PHP 5.4.3 windows version upload exploit
[In reply to]
|
|
Got to love code like this: http://www.exploit-db.com/exploits/18861/
— Patrick
On Mon, May 21, 2012 at 1:21 PM, Thomas Gries <mail [at] tgries> wrote:
> ** Keine Antwort erforderlich ** no reply needed **
>
> FYI:
> I just received the following information
>
> http://www.heise.de/newsticker/meldung/Ungepatche-Luecke-in-aktueller-PHP-Version-1580790.html
> (German)
> https://isc.sans.edu/diary.html?storyid=13255
>
> "Clarifications/Updates to the original diary:
>
> - This is NOT remote exploitable. An exploit would require the attacker
> to upload PHP code to the server, at which point, the attacker could
> just use PHP to run shell commands via "exec".
>
> - only the windows version is vulnerable"
>
> "There is a remote exploit in the wild for PHP 5.4.3 in Windows, which
> takes advantage of a vulnerability in the com_print_typeinfo
> <http://php.net/manual/en/function.com-print-typeinfo.php> function. The
> php engine needs to execute the malicious code, which can include any
> shellcode like the the ones that bind a shell to a port."
>
> ** Keine Antwort erforderlich ** no reply needed **
>
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l [at] lists
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
|
signature.asc
