16 2340
On Mon, 23 Feb 2004 20:54:36 GMT, Tim Tyler <ti*@tt1lock.org> wrote: Today's: "Directory Traversal Vulnerability":
- http://secunia.com/advisories/10955/
More evidence tht PHP was hacked together rapidly without a great deal of thought being given to security.
It's evidence that some script named 'phpNewsManager' was hacked together
rapidly without a great deal of thought being given to security. The same bug
can be implemented in many languages.
--
Andy Hassall <an**@andyh.co.uk> / Space: disk usage analysis tool
<http://www.andyh.co.uk> / <http://www.andyhsoftware.co.uk/space>
On 23-Feb-2004, Tim Tyler <ti*@tt1lock.org> wrote: Today's: "Directory Traversal Vulnerability":
- http://secunia.com/advisories/10955/
More evidence tht PHP was hacked together rapidly without a great deal of thought being given to security.
I suggest you attempt to learn the difference between PHP and an application
written in PHP before you embarrass yourself further.
--
Tom Thackrey www.creative-light.com
tom (at) creative (dash) light (dot) com
do NOT send email to ja*********@willglen.net (it's reserved for spammers)
Tim Tyler wrote: Today's: "Directory Traversal Vulnerability":
- http://secunia.com/advisories/10955/
More evidence tht PHP was hacked together rapidly without a great deal of thought being given to security.
Are you serious? or lonely? If you're the former, read on - If you're
the latter, then buy a dog and take a walk...
Read the first two lines of the article you posted... It says
"G00db0y has reported a vulnerability in phpNewsManager, which can be
exploited by malicious people to gain knowledge of sensitive information."
Note where is says "vulnerability in phpNewsManager"
What part of the above do you not understand?
And... You say its "More evidence" ? Do you have some equally
compelling issues that you'd like to share with us? With evidence like
that, you ought to work for Mr Bush or Mr Blair...
"Reply Via Newsgroup" <re****************@please.com> wrote in message
news:15w_b.607738$ts4.470009@pd7tw3no... Tim Tyler wrote:
Today's: "Directory Traversal Vulnerability":
- http://secunia.com/advisories/10955/
More evidence tht PHP was hacked together rapidly without a great deal of thought being given to security.
Are you serious? or lonely? If you're the former, read on - If you're the latter, then buy a dog and take a walk...
Read the first two lines of the article you posted... It says
"G00db0y has reported a vulnerability in phpNewsManager, which can be exploited by malicious people to gain knowledge of sensitive information."
Note where is says "vulnerability in phpNewsManager"
What part of the above do you not understand?
And... You say its "More evidence" ? Do you have some equally compelling issues that you'd like to share with us? With evidence like that, you ought to work for Mr Bush or Mr Blair...
Are you saying the OP is a weapon of misdirection?
"8-P
--
Remove the blots from my address to reply
Reply Via Newsgroup wrote: With evidence like that, you ought to work for Mr Bush or Mr Blair...
....or are currently employed by Mr. Gates? ;)
--
Justin Koivisto - sp**@koivi.com
PHP POSTERS: Please use comp.lang.php for PHP related questions,
alt.php* groups are not recommended.
SEO Competition League: http://seo.koivi.com/
Well, it does show that PHP isn't idiot-proofed enough. ASP.Net probably
would have deemed that suspicious and threw an exception or something.
I think sometimes PHP gives programmers too much rope to hang themselves. A
more sensible setup would set open_basedir initially to the same directory
as the script, and let the programmer change it to something less
restrictive.
Uzytkownik "Andy Hassall" <an**@andyh.co.uk> napisal w wiadomosci
news:jm********************************@4ax.com... On Mon, 23 Feb 2004 20:54:36 GMT, Tim Tyler <ti*@tt1lock.org> wrote:
Today's: "Directory Traversal Vulnerability":
- http://secunia.com/advisories/10955/
More evidence tht PHP was hacked together rapidly without a great deal of thought being given to security. It's evidence that some script named 'phpNewsManager' was hacked together rapidly without a great deal of thought being given to security. The same
bug can be implemented in many languages.
-- Andy Hassall <an**@andyh.co.uk> / Space: disk usage analysis tool <http://www.andyh.co.uk> / <http://www.andyhsoftware.co.uk/space>
Reply Via Newsgroup <re****************@please.com> wrote or quoted: Tim Tyler wrote:
Today's: "Directory Traversal Vulnerability":
- http://secunia.com/advisories/10955/
More evidence tht PHP was hacked together rapidly without a great deal of thought being given to security.
Are you serious? or lonely? If you're the former, read on - If you're the latter, then buy a dog and take a walk...
Read the first two lines of the article you posted... It says
"G00db0y has reported a vulnerability in phpNewsManager, which can be exploited by malicious people to gain knowledge of sensitive information."
Note where is says "vulnerability in phpNewsManager"
What part of the above do you not understand?
I don't recommend trying to patronise me - you'll only wind up
making yourself look stupid.
And... You say its "More evidence" ? Do you have some equally compelling issues that you'd like to share with us? With evidence like that, you ought to work for Mr Bush or Mr Blair...
The fact that PHP's notion of "fine grained permissions" basically boils
down to:
* Safe mode;
* Not safe mode;
....is also pretty damning, IMO.
You ought to be able to choose to run different scripts in different
sorts of sandbox with different sorts of security constraints.
....and remember "register_globals"? As someone else said:
``However, note that PHP doesn't have a particularly good security
vulnerability track record (e.g., register_globals, a file upload
problem, and a format string problem in the error reporting library); I
believe that security issues were not considered sufficiently in early
editions of PHP.''
- http://www.dwheeler.com/secure-progr...HOWTO/php.html
--
__________
|im |yler http://timtyler.org/ ti*@tt1lock.org Remove lock to reply.
Justin Koivisto <sp**@koivi.com> wrote or quoted: Reply Via Newsgroup wrote: With evidence like that, you ought to work for Mr Bush or Mr Blair...
...or are currently employed by Mr. Gates? ;)
Do you reckon Bill would still hire me? After I wrote:
``Microsoft have now clocked up over a hundred years worth of brimstone
and damnation on my hate-o-meter - a feat I am unlikely to forget in a
hurry.
Currently, they show few signs of turning back from their path to
damnation.
I'll probably treat them the way the old testament recommends:
no respite until the seventh son of the seventh son.'' [usenet, 1999]
....and...
``I don't think I've ever characterised my attitude towards
Microsoft as "blind hate".
I'm not Microsoft's biggest fan - but to me this seems to be a
rational position in the light of their crappy products,
shoddy business ethics, and generally soulless and tasteless
approach to software.'' [usenet, 2002];
....?
--
__________
|im |yler http://timtyler.org/ ti*@tt1lock.org Remove lock to reply.
[top-post fixed]
"Chung Leong" <ch***********@hotmail.com> wrote in message news:<BP********************@comcast.com>... Uzytkownik "Andy Hassall" <an**@andyh.co.uk> napisal w wiadomosci news:jm********************************@4ax.com... On Mon, 23 Feb 2004 20:54:36 GMT, Tim Tyler <ti*@tt1lock.org> wrote:
Today's: "Directory Traversal Vulnerability":
- http://secunia.com/advisories/10955/
More evidence tht PHP was hacked together rapidly without a great deal of thought being given to security. It's evidence that some script named 'phpNewsManager' was hacked together rapidly without a great deal of thought being given to security. The same bug can be implemented in many languages.
Well, it does show that PHP isn't idiot-proofed enough. ASP.Net probably would have deemed that suspicious and threw an exception or something. http://[victim]/functions.php?clang=../../../[existing_file]
This is what they claim as vulnerability in the application. So, you
expect that PHP should throw some exceptions in this case??
--
"Success is not what you achieve, but it is what you die for"
If you live in USA, please support John Edwards.
Email: rrjanbiah-at-Y!com
On 24-Feb-2004, ng**********@rediffmail.com (R. Rajesh Jeba Anbiah) wrote: [top-post fixed] "Chung Leong" <ch***********@hotmail.com> wrote in message news:<BP********************@comcast.com>... Uzytkownik "Andy Hassall" <an**@andyh.co.uk> napisal w wiadomosci news:jm********************************@4ax.com... On Mon, 23 Feb 2004 20:54:36 GMT, Tim Tyler <ti*@tt1lock.org> wrote:
>Today's: "Directory Traversal Vulnerability": > > - http://secunia.com/advisories/10955/ > >More evidence tht PHP was hacked together rapidly without a great >deal >of thought being given to security.
It's evidence that some script named 'phpNewsManager' was hacked together rapidly without a great deal of thought being given to security. The same bug can be implemented in many languages.
Well, it does show that PHP isn't idiot-proofed enough. ASP.Net probably would have deemed that suspicious and threw an exception or something.
http://[victim]/functions.php?clang=../../../[existing_file]
This is what they claim as vulnerability in the application. So, you expect that PHP should throw some exceptions in this case??
Bad design can cause errors which don't throw exceptions in PHP or ASP.Net
or Java or C++ or <insert your favorite language here>.
In this case, the error would probably not have caused an exception in
ASP.Net either.
Nothing is idiot proof. The idiots are too good at what they do.
--
Tom Thackrey www.creative-light.com
tom (at) creative (dash) light (dot) com
do NOT send email to ja*********@willglen.net (it's reserved for spammers)
Uzytkownik "R. Rajesh Jeba Anbiah" <ng**********@rediffmail.com> napisal w
wiadomosci news:ab**************************@posting.google.c om... Well, it does show that PHP isn't idiot-proofed enough. ASP.Net probably would have deemed that suspicious and threw an exception or something.
http://[victim]/functions.php?clang=../../../[existing_file]
This is what they claim as vulnerability in the application. So, you expect that PHP should throw some exceptions in this case??
Well, my opinion is that, by default, PHP should restrict all file access,
until you've specified base paths where file read/write are permitted.
Or at least, have the file functions by default reject paths like
/var/temp/../../etc/something. I don't see them occuring frequently under
normal circumstances. Remote include should be off by default too.
Uzytkownik "Tom Thackrey" <us***********@nospam.com> napisal w wiadomosci
news:8F****************@newssvr27.news.prodigy.com ... Bad design can cause errors which don't throw exceptions in PHP or ASP.Net or Java or C++ or <insert your favorite language here>.
I haven't seen the code, so I can't say whether it's bad design or what.
Looks more like a simple implementation mistake to me.
In this case, the error would probably not have caused an exception in ASP.Net either.
You're right, it doesn't. Rather surprising since it throws an exception
when you enter something as harmless as "<i>".
Nothing is idiot proof. The idiots are too good at what they do.
Bad programming happens. As things are in PHP, a single slip-up and you fall
off the cliff. Some safty railing would be good.
> Or at least, have the file functions by default reject paths like /var/temp/../../etc/something.
It depends of how your webhost configured it imho.
R. Rajesh Jeba Anbiah <ng**********@rediffmail.com> wrote or quoted: "Chung Leong" <ch***********@hotmail.com> wrote in message news:<BP********************@comcast.com>... Uzytkownik "Andy Hassall" <an**@andyh.co.uk> napisal w wiadomosci On Mon, 23 Feb 2004 20:54:36 GMT, Tim Tyler <ti*@tt1lock.org> wrote:
>Today's: "Directory Traversal Vulnerability": > > - http://secunia.com/advisories/10955/ > >More evidence tht PHP was hacked together rapidly without a great deal >of thought being given to security.
[...]
Well, it does show that PHP isn't idiot-proofed enough. ASP.Net probably would have deemed that suspicious and threw an exception or something.
http://[victim]/functions.php?clang=../../../[existing_file]
This is what they claim as vulnerability in the application. So, you expect that PHP should throw some exceptions in this case??
Most definitely:
Web scripting languages should restrict access to files on the web site
that is serving them by default - and under *no* circumstances should they
allow access the system's password file.
--
__________
|im |yler http://timtyler.org/ ti*@tt1lock.org Remove lock to reply.
Tim Tyler <ti*@tt1lock.org> wrote in message news:<Ht********@bath.ac.uk>... R. Rajesh Jeba Anbiah <ng**********@rediffmail.com> wrote or quoted: "Chung Leong" <ch***********@hotmail.com> wrote in message news:<BP********************@comcast.com>... Uzytkownik "Andy Hassall" <an**@andyh.co.uk> napisal w wiadomosci > On Mon, 23 Feb 2004 20:54:36 GMT, Tim Tyler <ti*@tt1lock.org> wrote: >Today's: "Directory Traversal Vulnerability": > > > > - http://secunia.com/advisories/10955/ > > > >More evidence tht PHP was hacked together rapidly without a great deal > >of thought being given to security. [...] Well, it does show that PHP isn't idiot-proofed enough. ASP.Net probably would have deemed that suspicious and threw an exception or something.
http://[victim]/functions.php?clang=../../../[existing_file]
This is what they claim as vulnerability in the application. So, you expect that PHP should throw some exceptions in this case??
Most definitely:
Web scripting languages should restrict access to files on the web site that is serving them by default - and under *no* circumstances should they allow access the system's password file.
This argument is completely silly, IMHO; but YMMV.
For me, it sounds like a DOS programmer complaining C for allowing:
system("format c:");
--
"Success is not what you achieve, but it is what you die for"
If you live in USA, please support John Edwards.
Email: rrjanbiah-at-Y!com
R. Rajesh Jeba Anbiah <ng**********@rediffmail.com> wrote or quoted: Tim Tyler <ti*@tt1lock.org> wrote in message news:<Ht********@bath.ac.uk>... R. Rajesh Jeba Anbiah <ng**********@rediffmail.com> wrote or quoted:
http://[victim]/functions.php?clang=../../../[existing_file]
This is what they claim as vulnerability in the application. So, you expect that PHP should throw some exceptions in this case??
Most definitely:
Web scripting languages should restrict access to files on the web site that is serving them by default - and under *no* circumstances should they allow access the system's password file.
This argument is completely silly, IMHO; but YMMV.
For me, it sounds like a DOS programmer complaining C for allowing: system("format c:");
That sort of security hazzard is one of the reasons people ditched C
in droves in favour of Java - which offers features such as sandboxes
and graduated access permissions, which - if employed - make attacks
carrying this sort of payload impossible.
--
__________
|im |yler http://timtyler.org/ ti*@tt1lock.org Remove lock to reply. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: hiwa |
last post by:
What would be the simplest solution for a JSP or Java servlet letting
client retrieve realtime directory listing and directory traversal on
the server like output from local ls command or content...
|
by: ravi mannan |
last post by:
Hello all,
I'm trying to read an xml file and create a nested JPopupMenu from
that. The first thing I want to do is to read in the xml file and put
it in a Document using DOM and then do a...
|
by: Anand K Rayudu |
last post by:
Hi all,
I am trying to find a way to get the files recursively in a given
directory,
The following code is failing, can some one please suggest what could be
problem here
from os import...
|
by: guy001 |
last post by:
Hi, I'm trying to traverse the DOM in a bit of a non-traditional manner
and am struggling to get my head around it.
Just say i have some elements like so:
A
|-B
|-C
| |-D
|
|
by: John Young |
last post by:
I'm trying to parse a directory, but am not sure of the best way of
doing it. Preferably using only .net instructions. Can anyone give me an
idea of how to do this?
Thanks in advance for any...
| |
by: GrispernMix |
last post by:
//ques and and level order traversal
file name: lab6_build_leaf_up.cpp
Instructions:
|
by: Cat |
last post by:
Hi.
Would you recommend a ASP (IIS) web server vulnerability scanner? If I
install the all the updates from Microsoft, then I don't need
vulnerability scanners? I was on a chat, I installed all...
|
by: Brent |
last post by:
I'm having a maddening problem that's probably simple in its solution.
I'm installing MediaWiki on a Windows 2003 Server under IIS, and I'm
having this error repeatedly:
Warning:...
|
by: Ravi Kumar |
last post by:
hi :)
I was trying to develop a custom mod_python based web-site, just
today. the problem I got
though i liked the mod_python's feature of mapping and calling
functions in python script by...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
| |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
| |