Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Wikipedia: Wikitech

Security alert: PHP 5.4.3 windows version upload exploit

 

 

Wikipedia wikitech RSS feed   Index | Next | Previous | View Threaded


mail at tgries

May 21, 2012, 1:21 PM

Post #1 of 2 (299 views)
Permalink
Security alert: PHP 5.4.3 windows version upload exploit

** Keine Antwort erforderlich ** no reply needed **

FYI:
I just received the following information

http://www.heise.de/newsticker/meldung/Ungepatche-Luecke-in-aktueller-PHP-Version-1580790.html
(German)
https://isc.sans.edu/diary.html?storyid=13255

"Clarifications/Updates to the original diary:

- This is NOT remote exploitable. An exploit would require the attacker
to upload PHP code to the server, at which point, the attacker could
just use PHP to run shell commands via "exec".

- only the windows version is vulnerable"

"There is a remote exploit in the wild for PHP 5.4.3 in Windows, which
takes advantage of a vulnerability in the com_print_typeinfo
<http://php.net/manual/en/function.com-print-typeinfo.php> function. The
php engine needs to execute the malicious code, which can include any
shellcode like the the ones that bind a shell to a port."

** Keine Antwort erforderlich ** no reply needed **
Attachments: signature.asc (0.48 KB)


preilly at wikimedia

May 21, 2012, 1:26 PM

Post #2 of 2 (302 views)
Permalink
Re: Security alert: PHP 5.4.3 windows version upload exploit [In reply to]

Got to love code like this: http://www.exploit-db.com/exploits/18861/

Patrick

On Mon, May 21, 2012 at 1:21 PM, Thomas Gries <mail [at] tgries> wrote:
> ** Keine Antwort erforderlich ** no reply needed **
>
> FYI:
> I just received the following information
>
> http://www.heise.de/newsticker/meldung/Ungepatche-Luecke-in-aktueller-PHP-Version-1580790.html
> (German)
> https://isc.sans.edu/diary.html?storyid=13255
>
> "Clarifications/Updates to the original diary:
>
> - This is NOT remote exploitable. An exploit would require the attacker
> to upload PHP code to the server, at which point, the attacker could
> just use PHP to run shell commands via "exec".
>
> - only the windows version is vulnerable"
>
> "There is a remote exploit in the wild for PHP 5.4.3 in Windows, which
> takes advantage of a vulnerability in the com_print_typeinfo
> <http://php.net/manual/en/function.com-print-typeinfo.php> function. The
> php engine needs to execute the malicious code, which can include any
> shellcode like the the ones that bind a shell to a port."
>
> ** Keine Antwort erforderlich ** no reply needed **
>
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l [at] lists
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l

Wikipedia wikitech RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.