Vuln php dl

From Atomicorp Wiki
Latest revision as of 18:01, 10 February 2012

PHP function dl() allows an attacker to load their own extension into PHP

The dl() function loads a PHP extension, a compiled shared library (typically a .so file), into the running PHP process at request time. An extension is native code that runs with the full privileges of the PHP or web server process, so an attacker who can place a library of their own on the system and get the application to call dl() gains arbitrary code execution inside PHP, outside the reach of PHP-level controls such as disable_functions, open_basedir and safe_mode. This may expose your system to malicious software being downloaded and run on the system, unauthorized modification of software, the bypassing of security controls in the application itself, or access to otherwise protected files, such as password files and configuration files. Two caveats: dl() resolves the file name relative to the directory named by extension_dir, so the attacker also needs a way to write a file there, and since PHP 5.3 dl() is only available in the command-line and a few other SAPIs, not in the Apache module or PHP-FPM. Where it is available, there is rarely a reason for a web application to need it.

Next Steps

If this risk is unacceptable for your system, you will want to disable this capability in PHP.

Step 1: Log into the ASL GUI, click on Configuration and select the ASL configuration menu option. This will open the ASL configuration screen.

Step 2: Scroll down to PHP_CHECKS and make sure this is set to "yes". By default ASL will only warn about PHP vulnerabilities; setting PHP_CHECKS to "yes" makes it fix them as well. If this is set to "no", the next step will not take effect, so set this to "yes".

Step 3: Scroll down to ALLOW_dl and set this to "no".

Step 4: Click the "update" button.

This will resolve this vulnerability.
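Outside ASL, the same result in php.ini is enable_dl = Off together with dl listed in disable_functions; both directives are PHP_INI_SYSTEM, so a script cannot re-enable them with ini_set(). The following auditor is an added example for this page, not code from the Atomicorp wiki or from ASL, and the assumption that ALLOW_dl=no produces an equivalent php.ini state is mine, not something the page states. It parses php.ini text the way PHP does (comments, quoted values, later directives overriding earlier ones, PHP's boolean rule, PHP's built-in default of enable_dl being on) and reports whether dl() is still reachable; the weak and hardened php.ini fragments are constructed for illustration.

```python
"""Audit php.ini text for whether dl() can still be called.

Added example for the "Vuln php dl" page; not part of the Atomicorp wiki or
of ASL.  The two php.ini fragments below are constructed for illustration.
The decision mirrors PHP's own rule: dl() works only when enable_dl is on
and "dl" is not listed in disable_functions.
"""
import re

# Constructed weak configuration: dl() is reachable.
WEAK_INI = """
; constructed example, not a real host's php.ini
[PHP]
extension_dir = "/usr/lib/php/modules"
enable_dl = On
disable_functions =
"""

# Constructed hardened configuration: the state this page's steps aim for
# (assumption: ALLOW_dl=no in ASL yields an equivalent php.ini).
HARDENED_INI = """
[PHP]
extension_dir = "/usr/lib/php/modules"
enable_dl = Off
disable_functions = dl
"""


def _strip_comment(line):
    """Drop a ';' comment, but leave ';' alone inside a quoted value."""
    in_quote = False
    for i, ch in enumerate(line):
        if ch == '"':
            in_quote = not in_quote
        elif ch == ";" and not in_quote:
            return line[:i]
    return line


def parse_php_ini(text):
    """Return {directive: value} from php.ini text.

    [section] headers are skipped (enable_dl and disable_functions are
    global), surrounding quotes are removed, and a directive repeated later
    in the file overrides the earlier one, as in PHP.
    """
    directives = {}
    for raw in text.splitlines():
        line = _strip_comment(raw).strip()
        if not line or line.startswith("[") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        directives[key.strip().lower()] = value.strip().strip('"')
    return directives


def ini_bool(value):
    """PHP's boolean rule for ini values: true/yes/on, otherwise atoi()."""
    v = value.strip().lower()
    if v in ("true", "yes", "on"):
        return True
    m = re.match(r"-?\d+", v)
    return bool(m) and int(m.group()) != 0


def disabled_functions(directives):
    """Names from disable_functions (comma separated, case-insensitive)."""
    raw = directives.get("disable_functions", "")
    return {name.strip().lower() for name in raw.split(",") if name.strip()}


def dl_allowed(ini_text):
    """True when a script could call dl() under this php.ini."""
    d = parse_php_ini(ini_text)
    # PHP's built-in default for enable_dl is on, so a missing directive
    # counts as enabled.
    return ini_bool(d.get("enable_dl", "1")) and "dl" not in disabled_functions(d)


def audit_dl(ini_text):
    """Return reachability plus the concrete php.ini changes still missing."""
    d = parse_php_ini(ini_text)
    findings = []
    if ini_bool(d.get("enable_dl", "1")):
        findings.append("enable_dl is on: set 'enable_dl = Off'")
    if "dl" not in disabled_functions(d):
        findings.append("dl not in disable_functions: add it as defence in depth")
    return {"dl_allowed": dl_allowed(ini_text), "findings": findings}


if __name__ == "__main__":
    for label, ini in (("weak", WEAK_INI), ("hardened", HARDENED_INI)):
        print(label, audit_dl(ini))
```

On a live host the same question can be put to the interpreter directly with `php -r 'var_dump(function_exists("dl"), ini_get("enable_dl"), ini_get("disable_functions"));'`, which also reflects settings applied from httpd.conf rather than php.ini; run it under the same SAPI the application uses, since dl() availability differs between the CLI and the web server.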
