php-exec-dir Patch Command Access Restriction Bypass Vulnerability

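Vulnerability Details

php-exec-dir Patch Command Access Restriction Bypass Vulnerability

Vulnerability Summary

The exec_dir PHP patch (php-exec-dir), versions 4.3.2 through 4.3.7, contains a vulnerability when safe mode is disabled. A remote attacker can use the backtick operator to bypass the restrictions and execute arbitrary commands, because the backtick operator is not processed by the php_escape_shell_cmd function.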

Vulnerability Advisory

It is reported that the vendor has released updates to address this issue. At the time of writing, the website on which the patches are reported to reside is not available. It is reported that the patches may be retrieved from the following site:
http://kyebrdigi.cz/projects/execdir
php-exec-dir users are advised to contact the vendor for further information regarding obtaining and applying appropriate patches.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

References

Source: BID
Name: 10598
Link: http://www.securityfocus.com/bid/10598

Source: kyberdigi.cz
Link: http://kyberdigi.cz/projects/execdir/english.html

Source: XF
Name: phpexecdir-semicolon-restriction-bypass(16498)
Link: http://xforce.iss.net/xforce/xfdb/16498

Source: OSVDB
Name: 7243
Link: http://www.osvdb.org/7243

Source: SECUNIA
Name: 11928
Link: http://secunia.com/advisories/11928

Source: FULLDISC
Name: 20040708 Re: php-exec-dir vulnerable after latest upgrade
Link: http://seclists.org/fulldisclosure/2004/Jul/0357.html

Source: FULLDISC
Name: 20040708 RE: php-exec-dir vulnerable after latest upgrade
Link: http://seclists.org/fulldisclosure/2004/Jul/0350.html

Source: FULLDISC
Name: 20040708 php-exec-dir vulnerable after latest upgrade
Link: http://seclists.org/fulldisclosure/2004/Jul/0347.html
