Dr. Christopher Kunz

Kauft das PHP-Sicherheitsbuch!

Dritte Auflage
Jetzt das eBook bestellen!
~~€ 36,00~~
Als eBook nur € 28,99!

Links

(Profil nur für Xing-Mitglieder sichtbar)
VServer Hosting
@christopherkunz

Pages

Frontpage
About Christopher Kunz
Kontaktformular

@christopherkunz

Nice to see people with healthy ego: "the first and the only False Positive Free web application security scanner." (from full disclosure)Sunday, September 2 2012
It's a bit frightening to see that anyone with access to a youtube account can cause unrest in the Middle East. Downside of global village.Monday, September 17 2012
Internet Security Days 2012: Sessions about Mobile Malware and unencrypted Wifi. Priceless. #isd2012 #security #failTuesday, September 11 2012
"Java - Schwere Sicherheitslücke betrifft Millionen Rentner" #misreadFriday, August 31 2012
Come to think of it... HTML5 XSS will be fun.Thursday, August 23 2012

Follow me

Entries tagged as exploit

Tuesday, May 8. 2012

PHP 5.4.3 and 5.3.13 fix several security issues

The PHP team has announced PHP 5.4.3 and 5.3.13, fixing two separate security issues.

CVE-2012-2311 and CVE-2012-1823 are both fixed now. These are the CVE numbers for the PHP-CGI bug that has been announced by Eindbazen last week, and extensively covered by myself in various posts.

In addition, CVE-2012-2329 has been fixed, another issue in PHP-CGI. This was a heap overflow triggered by specially crafted HTTP headers and a script executing apache_request_headers().

I have tested my own exploit against the new version (5.4 only, I have no 5.3 setup) and there does not seem to be a possibility to exploit the vectors opened in CVE-2012-2311 and CVE-2012-1823. These issues seem to be fixed now. ~~I have no exploit code for CVE-2012-2329, so I cannot make a statement if it is fixed yet.~~ Update: I have tested Georg Wicherski’s PoC exploit against 5.4.3 and it seems that CVE-2012-2329 is now also fixed.

Read the announcement here: PHP 5.4.3/5.3.13 release announcement

The download page for PHP 5.4.3 is here, the download for 5.3.13 is over here.

Posted by Christopher Kunz in PHP at 21:36 | Comments (0) | Trackbacks (5)

Defined tags for this entry: bugfix, cgi, CVE-2012-1823, CVE-2012-2311, CVE-2012-2329, exploit, PHP, release announcement, security, vulnerability

Friday, December 29. 2006

Cacti "cmd.php" Command Execution - Hotfix

Hi,

just a real quick hotfix to the critical vulnerability described in this advisory:

Put this into the .htaccess in your cacti directory and you should be good. This does not have any impact on the poller cronjob and does not require code or ini changes.

Posted by Christopher Kunz at 16:42 | Comments (2) | Trackbacks (0)

Defined tags for this entry: cacti, exploit, hotfix, PHP, remote command execution, security, sql injection

(Page 1 of 1, totaling 2 entries)

Entries tagged as exploit

Kauft das PHP-Sicherheitsbuch!

Links

Pages

Tag cloud

@christopherkunz

Entries tagged as exploit

Tuesday, May 8. 2012

PHP 5.4.3 and 5.3.13 fix several security issues

Friday, December 29. 2006

Cacti "cmd.php" Command Execution - Hotfix