php-bug

If you run PHP in CGI mode you are probably vulnerable to a newly found bug:
Heise: Gefahr-durch-offene-PHP-Luecke
Appending parameters such as http://localhost/index.php?-s to a URL can expose the source code or even inject and run parameters in the shell.

Until an update exists it might be wise to filter out such query strings (ones that start with "-" and contain no "="), for example with these Apache mod_rewrite lines:
RewriteCond %{QUERY_STRING} ^(%2d|-)[^=]+$ [NC]
RewriteRule ^(.*) $1? [L]
The condition matches a raw query string that begins with "-" (or its URL-encoded form %2d, case-insensitively because of [NC]) and contains no "=" anywhere; the rule then serves the same path with an empty query string. Note that a query string which starts with "-" but contains an "=" somewhere is not caught by this condition.
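To see what the rule above does and does not catch, here is an added Python example (not from the original post) that mirrors the RewriteCond and runs it over a few constructed access-log lines; the broader SUSPECT_RE used for log review and the log-line format are my assumptions.

```python
import re
from urllib.parse import urlsplit

# Mirrors the RewriteCond from the post: a raw query string that begins with
# "-" (or its percent-encoded form %2d) and contains no "=" anywhere.
# [NC] makes it case-insensitive, so "%2D" is covered as well.
BLOCK_RE = re.compile(r'^(%2d|-)[^=]+$', re.IGNORECASE)

# Broader review pattern (assumption, not from the post): any query string that
# starts with a dash, with or without "=", is worth a look in the access log.
SUSPECT_RE = re.compile(r'^(%2d|-)', re.IGNORECASE)

def rewrite_blocks(query: str) -> bool:
    """True if the post's RewriteCond would match this raw query string."""
    return BLOCK_RE.match(query) is not None

def scan_access_log(lines):
    """Yield (status, path, query) for requests whose query starts with '-'.

    status is 'blocked' if the mitigation rule matches, 'passes' if the query
    starts with a dash but contains '=' and therefore slips past the rule."""
    req_re = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/\d\.\d"')
    for line in lines:
        m = req_re.search(line)
        if not m:
            continue
        parts = urlsplit(m.group(1))
        query = parts.query
        if not SUSPECT_RE.match(query):
            continue
        status = 'blocked' if rewrite_blocks(query) else 'passes'
        yield status, parts.path, query

# Constructed sample lines in Apache combined-log style, not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [10/May/2012:10:01:02 +0200] "GET /index.php?-s HTTP/1.1" 200 512',
    '10.0.0.5 - - [10/May/2012:10:01:03 +0200] "GET /index.php?%2Ds HTTP/1.1" 200 512',
    '10.0.0.7 - - [10/May/2012:10:01:04 +0200] "GET /index.php?page=1 HTTP/1.1" 200 4096',
    '10.0.0.9 - - [10/May/2012:10:01:05 +0200] "GET /index.php?-s&page=1 HTTP/1.1" 200 512',
]

if __name__ == '__main__':
    for status, path, query in scan_access_log(SAMPLE_LOG):
        print(f'{status:8} {path}?{query}')
```

The last sample line shows the gap: because the condition requires that no "=" appears at all, a dash-prefixed query string with any "=" in it is served unchanged, so the rewrite is a stopgap rather than a complete fix.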
