Slashdot Mirror

← Back to Stories (view on slashdot.org)

Recently Exposed PHP Hole's Official Fix Ineffective

Posted by timothy on from the considered-busted dept.

wiredmikey writes "On Wednesday, a remote code execution vulnerability in PHP was accidentally exposed to the Web, prompting fears that it may be used to target vulnerable websites on a massive scale. The bug itself was traced back to 2004, and came to light during a recent CTF competition. 'When PHP is used in a CGI-based setup (such as Apache's mod_cgid), the php-cgi receives a processed query string parameter as command line arguments which allows command-line switches, such as -s, -d or -c to be passed to the php-cgi binary, which can be exploited to disclose source code and obtain arbitrary code execution,' a CERT advisory explains. PHP developers pushed a fix for the flaw, resulting in the release of PHP 5.3.12 and 5.4.2, but as it turns out it didn't actually remove the vulnerability."

2 of 240 comments (clear)

  1. Re:Cm'on by nickdc · · Score: 5, Interesting

    The answer is Facebook, and I got a job by using this bug against them! see?

  2. Re:And by drunkennewfiemidget · · Score: 5, Interesting

    > No licensing
    Wrong

    > stable
    This news post is proof that's wrong.

    > great track record
    Wrong.

    > flexable
    About as flexible as your spelling.

    > modules for everything
    This is true. AND THEYRE ALL PART OF THE CORE API! ImageMagick, MySQL (THREE TIMES!), Curl, etc .. all in the core API.

    PHP is a fucking disgrace and a blight on the world and needs to die a fiery death.

    (Spend a few minutes reading the url I linked above at veekun.com for a wonderful break won on why PHP is a heinous pile of horseshit.)