Re: php create_function commond injection vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: php create_function commond injection vulnerability
From: "Steven M. Christey" <coley@xxxxxxxxx>
Date: Mon, 29 Sep 2008 13:14:13 -0400 (EDT)
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

There are two main takeaways from this advisory:

1) PHP application programmers can and will misuse this function
   (CVE-2008-4096, CVE-2007-5423), but most PHP code auditors probably
   don't check for it yet.  So it's good for awareness.

2) Any language that has an equivalent capability for creating
   anonymous functions will probably have application programmers that
   abuse it.

- Steve

Prev by Date: Advisory : Opera Window Object Suppressing Remote Denial of Service
Next by Date: [security bulletin] HPSBMA02373 SSRT071467 rev.1 - HP Insight Diagnostics, Remote Unauthorized Access to Files
Previous by thread: Re: php create_function commond injection vulnerability
Next by thread: [security bulletin] HPSBST02372 SSRT080133 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-052 to MS08-055
Index(es):
- Date
- Thread