Welcome! Log In Create A New Profile

Advanced

Re: Possible widespread PHP configuration issue - security risk

August 27, 2010 11:47AM
http://myserver/uploads/test.jpg/.php - this attack relyes on some php-fcgi feature ?

I don't think it will work on 'proxy_pass' to Apache

Actually, there is difference between
location ~ .php$ { }
and
location ~ .php {}

Last one will match 'test.php.jpg', but Apache will still handle such file as image/jpeg, so 'fastcgi_pass' is still required to exploit such configuration.

It also applyes to first exploit too - most installations forbid access to *.php files in upload/ dir by .htaccess, so 'proxy_pass' will return 403 in most cases.


But, again, people using 'fastcgi_pass' should take a look at their configs, they really may be vulnerable.
Subject Author Posted

Possible widespread PHP configuration issue - security risk

Ed W August 27, 2010 11:28AM

Re: Possible widespread PHP configuration issue - security risk

zuborg August 27, 2010 11:47AM

Re: Possible widespread PHP configuration issue - security risk

Jim Ohlstein August 27, 2010 11:50AM

Re: Possible widespread PHP configuration issue - security risk

Ed W August 27, 2010 12:10PM

Re: Possible widespread PHP configuration issue - security risk

Jim Ohlstein August 27, 2010 12:18PM

Re: Possible widespread PHP configuration issue - security risk

Ed W August 27, 2010 12:30PM

Re: Possible widespread PHP configuration issue - security risk

vesperto August 27, 2010 12:36PM

Re: Possible widespread PHP configuration issue - security risk

Ed W August 27, 2010 12:48PM

Re: Possible widespread PHP configuration issue - security risk

Cliff Wells August 27, 2010 01:14PM

Re: Possible widespread PHP configuration issue - security risk

Ed W August 27, 2010 01:24PM

Re: Possible widespread PHP configuration issue - security risk

Cliff Wells August 27, 2010 01:50PM

Re: Possible widespread PHP configuration issue - security risk

Ed W August 27, 2010 01:54PM

Re: Possible widespread PHP configuration issue - security risk

Ed W August 27, 2010 01:52PM

Re: Possible widespread PHP configuration issue - security risk

ubitux August 27, 2010 01:56PM

Re: Possible widespread PHP configuration issue - security risk

Cliff Wells August 27, 2010 02:10PM

Re: Possible widespread PHP configuration issue - security risk

Cliff Wells August 27, 2010 02:16PM

Re: Possible widespread PHP configuration issue - security risk

mike August 27, 2010 02:22PM

Re: Possible widespread PHP configuration issue - security risk

Cliff Wells August 27, 2010 02:44PM

Re: Possible widespread PHP configuration issue - security risk

Ed W August 28, 2010 06:38AM

Re: Possible widespread PHP configuration issue - security risk

brianmercer August 27, 2010 12:22PM

Re: Possible widespread PHP configuration issue - security risk

Ed W August 27, 2010 12:26PM

Re: Possible widespread PHP configuration issue - security risk

Ed W August 27, 2010 12:46PM

Re: Possible widespread PHP configuration issue - security risk

brianmercer August 27, 2010 01:17PM

Re: Possible widespread PHP configuration issue - security risk

Maxim Dounin August 27, 2010 01:26PM

Re: Possible widespread PHP configuration issue - security risk

Boris Dolgov August 27, 2010 01:26PM

Re: Possible widespread PHP configuration issue - security risk

Ed W August 27, 2010 01:38PM

Re: Possible widespread PHP configuration issue - security risk

Ed W August 27, 2010 12:52PM

Re: Possible widespread PHP configuration issue - security risk

Raina Gustafson August 27, 2010 01:02PM

Re: Possible widespread PHP configuration issue - security risk

Ensiferous August 30, 2010 12:46PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 305
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready