Re: SQL injection in PHPGroupware

From: Dan Kuykendall (danat_private)
Date: Thu Apr 11 2002 - 00:36:44 PDT

    In-Reply-To: <17122201257.20020403160836@code-fu.de>
    
    The problem is caused by a specific change to the 
    standard PHP options by the Debian packages. For 
    some reason magic_quotes_gpc is set to Off in the 
    /etc/phpgroupware/apache.conf.
    
    If you change the two entries to On then the 
    security hole disappears.
    
    This IS NOT a phpGroupWare security hole per se, 
    it's a problem with a config setting that we rely 
    on from PHP.
    
    We are currently looking at restructuring a few 
    areas to take over what magic_quotes_gpc does so 
    that we can be safe when it is turned off. That 
    will likely show up in 0.9.16 since 0.9.14 is 
    probably going to be released soon and won't have 
    time to be retrofitted.
    
    Seek3r
    phpGroupWare Spokesperson
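
An added example, not part of the original message and not phpGroupWare or Debian code: a shell check that lists every uncommented magic_quotes_gpc entry in an Apache config file that is not switched on, which is the condition the message describes. The function names, the sample file contents and the rule that the last word on the line is the value are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit an Apache/PHP config file for magic_quotes_gpc entries
# that are not enabled. Assumption: each entry is one line whose last word is
# the value (On/Off), e.g. "php_flag magic_quotes_gpc Off".

# audit_magic_quotes FILE
#   prints "LINENO: line" for every uncommented entry that is not on
#   returns 0 = all entries on, 1 = at least one off, 2 = no entry found
audit_magic_quotes() {
    awk '
        /^[ \t]*#/ { next }                      # ignore commented-out lines
        tolower($0) ~ /magic_quotes_gpc/ {
            found++
            v = tolower($NF)
            gsub(/"/, "", v)                     # tolerate a quoted value
            if (v != "on" && v != "1" && v != "true") {
                off++
                printf "%d: %s\n", NR, $0
            }
        }
        END {
            if (!found) exit 2
            if (off) exit 1
            exit 0
        }
    ' "$1"
}

# write_sample_conf FILE
#   writes a constructed sample (NOT the real Debian file) for demonstration
write_sample_conf() {
    cat > "$1" <<'EOF'
# constructed sample for this example
<IfModule mod_php4.c>
    php_flag magic_quotes_gpc Off
    # php_flag magic_quotes_gpc On
    php_flag track_vars On
</IfModule>
EOF
}

# Demonstration on the constructed sample.
sample=$(mktemp)
write_sample_conf "$sample"
audit_magic_quotes "$sample" || echo "audit status: $?"
rm -f "$sample"
```

On a real host, pass the path named in the message (`/etc/phpgroupware/apache.conf`) to `audit_magic_quotes` and treat any non-zero status as a finding.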
    


