PHP 5.4 Remote Exploit PoC in the wild

ISC Diary: There is a remote exploit in the wild for PHP 5.4.3 in Windows, which takes advantage of a vulnerability in the com_print_typeinfo function. The php engine needs to execute the malicious code, which can include any shellcode like the the ones that bind a shell to a port. Since there is no patch available for this vulnerability yet, you might want to do the following: Block any file upload function in your php applications to avoid risks of exploit code execution....

May 19, 2012 路 1 min 路 141 words 路 Omid Farhang

PHP patch quick but inadequate

The H-Online: The updates to PHP versions 5.3.12 and 5.4.2 released on Thursday do not fully resolve the vulnerability that was accidentally disclosed on Reddit, according to the discoverer of the flaw. The bug in the way CGI and PHP interact with each other leads to a situation where attackers can execute code on affected servers. The issue remained undiscovered for eight years. The best protection at present is offered by setting up filter rules on the web server....

May 5, 2012 路 2 min 路 260 words 路 Omid Farhang

PHP 5.4.1 and PHP 5.3.11 released

The H-Online: The PHP developers have released the first update for PHP 5.4, the latest version of their popular scripting language, and an update to PHP 5.3, the older stable branch of the language. The developers say 鈥淎ll users of PHP are strongly encouraged to upgrade鈥 to the new releases. PHP 5.4.1 has more than 20 bug fixes, including some related to security. One security bug concerned insufficient validating of the an upload name, which then led to corrupted $_FILES indices....

April 27, 2012 路 1 min 路 189 words 路 Omid Farhang

Critical PHP vulnerability being fixed

The H-Security: The PHP developers are working to fix a critical security vulnerability in PHP that they introduced with a recent security patch. The current stable release is affected; however, it is not yet clear whether the questionable patch was also applied to older versions. The cause of the problem is the security update to PHP 5.3.9, which was written to prevent denial of service (DoS) attacks using hash collisions. To do so, the developers limited the maximum possible number of input parameters to 1,000 in php_variables....

February 2, 2012 路 2 min 路 237 words 路 Omid Farhang

phpMyAdmin updates close XSS hole

H-Online: The phpMyAdmin developers have announced聽the release of versions 3.4.4 and 3.3.10.4 of their open source database administration tool. According to the security advisory, these maintenance and security updates close a hole (CVE-2011-3181) in the Tracking feature that leads to multiple cross-site scripting (XSS) vulnerabilities. The exploit was discovered by Norman Hippert and is caused due to improper sanitisation when input is passed to the table, column and index names....

August 25, 2011 路 1 min 路 160 words 路 Omid Farhang

WordPress and PHP-based management systems under attack?

A variety of sources are reporting that blog hosting sites with WordPress-created sites and php-based management systems such as Zen Care eCommerce are being infected with malicious scripts. Websites hosted by ISP DreamHost, GoDaddy, Bluehost and Media Temple have been found with the malcode, according to H-Online.com. The malicious scripts download malcode and block Google鈥檚 Safe Browsing API from alerting users. Story here: 鈥淟arge-scale attack on WordPress鈥 The Sucuri Security blog has offered clean-up instructions for those with infected pages here....

May 11, 2010 路 1 min 路 81 words 路 Omid Farhang

What does PHP stand for? Probable Hacked Page?

Late last week, the wires were buzzing over news that the official site of PHP-Nuke 鈥淧rofessional Content Management System鈥 was serving malware. I am frankly amazed to see the site still infected 4 days later. We see hacked sites everyday and the majority are running PHP-driven applications such as Content Management Systems (CMS). The PHP-Nuke site is currently running PHP v. 5.2.9. Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5....

May 11, 2010 路 1 min 路 164 words 路 Omid Farhang