Is there anything we could use with, say, mod_rewrite or snort that
could detect and avert a possible attack?

I'm not sure I can upgrade all my installations in due time, because of
backwards compatibility issues in some extensions.

Relating to that: how's the status on script-kiddie compatible exploits or
an expected ATA on those?


At 16:49 7/22/2002 +0300, Marko Karppinen wrote:


>    PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1
>
>
>Issued on: July 22, 2002
>Software:  PHP versions 4.2.0 and 4.2.1
>Platforms: All
>
>
>    The PHP Group has learned of a serious security vulnerability in PHP
>    versions 4.2.0 and 4.2.1. An intruder may be able to execute arbitrary
>    code with the privileges of the web server. This vulnerability may be
>    exploited to compromise the web server and, under certain conditions,
>    to gain privileged access.
>
>
>Description
>
>    PHP contains code for intelligently parsing the headers of HTTP POST
>    requests. The code is used to differentiate between variables and files
>    sent by the user agent in a "multipart/form-data" request. This parser
>    has insufficient input checking, leading to the vulnerability.
>
>    The vulnerability is exploitable by anyone who can send HTTP POST
>    requests to an affected web server. Both local and remote users, even
>    from behind firewalls, may be able to gain privileged access.
>
>
>Impact
>
>    Both local and remote users may exploit this vulnerability to compromise
>    the web server and, under certain conditions, to gain privileged access.
>    So far only the IA32 platform has been verified to be safe from the
>    execution of arbitrary code. The vulnerability can still be used on IA32
>    to crash PHP and, in most cases, the web server.
>
>
>Solution
>
>    The PHP Group has released a new PHP version, 4.2.2, which incorporates
>    a fix for the vulnerability. All users of affected PHP versions are
>    encouraged to upgrade to this latest version. The downloads web site at
>
>       http://www.php.net/downloads.php
>
>    has the new 4.2.2 source tarballs, Windows binaries and source patches
>    from 4.2.0 and 4.2.1 available for download.
>
>
>Workaround
>
>    If the PHP applications on an affected web server do not rely on HTTP
>    POST input from user agents, it is often possible to deny POST requests
>    on the web server.
>
>    In the Apache web server, for example, this is possible with the
>    following code included in the main configuration file or a top-level
>    .htaccess file:
>
>       <Limit POST>
>           Order deny,allow
>           Deny from all
>       </Limit>
>
>    Note that an existing configuration and/or .htaccess file may have
>    parameters contradicting the example given above.
>
>
>Credits
>
>    The PHP Group would like to thank Stefan Esser of e-matters GmbH for
>    discovering this vulnerability.
>
>
>Copyright (c) 2002 The PHP Group.
>
>
>
>--
>PHP Development Mailing List <http://www.php.net/>
>To unsubscribe, visit: http://www.php.net/unsub.php

Met vriendelijke groeten / With kind regards,

Webmaster IDG.nl
Melvyn Sopacua

<@Logan> I spent a minute looking at my own code by accident.
<@Logan> I was thinking "What the hell is this guy doing?"
http://www.geekissues.org/quotes/top50.html?6824
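
The advisory quoted above denies every POST request, and the reply asks whether mod_rewrite could filter instead. The following is an added example, not part of the advisory or of the original message: a narrower rule that refuses only POST requests whose Content-Type is "multipart/form-data". It assumes, as the advisory's description implies, that the affected parser is reached only for such requests. It is a stopgap until the upgrade to 4.2.2, not a replacement for it.

```apache
# Added example, not from the advisory: refuse only multipart/form-data POSTs.
# Assumption: the affected header parser runs only for requests with this
# Content-Type, per the advisory's "Description" section.
# Side effect: file uploads and any form using enctype="multipart/form-data"
# stop working; ordinary urlencoded POST forms keep working.

RewriteEngine On

# Only POST requests are of interest (the advisory names HTTP POST).
RewriteCond %{REQUEST_METHOD} ^POST$

# Case-insensitive match on the media type at the start of the header value.
RewriteCond %{HTTP:Content-Type} ^multipart/form-data [NC]

# Answer 403 Forbidden before the request is handed to PHP.
RewriteRule .* - [F]

# Rewrite rules in the main server configuration are not inherited by
# <VirtualHost> sections by default. Repeat the block in each virtual host
# that runs PHP, or enable inheritance there with:
#   RewriteEngine On
#   RewriteOptions inherit
```

Refused requests show up in the access log as POST entries with status 403, which gives a simple way to see how often the rule fires and from where.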

