[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: php create_function commond injection vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: php create_function commond injection vulnerability
From: lmfao@xxxxxxxxxxx
Date: 25 Sep 2008 15:53:02 -0000

Are you kidding ?

As the PHP manual said "if you use double quotes there will be a need to escape 
the variable names".

In your example you use a function with double quotes, without escaping the 
variable $sort_by, so
this is not a PHP vulnerability, but a development one.

For this time, don't blame PHP, blame developers.
It's like if I was using mysql_query() without escaping user's inputs...an sql 
injection, not a PHP vuln ;)

Follow-Ups:
- Re: php create_function commond injection vulnerability
  - From: bzhbfzj3001

Prev by Date: [security bulletin] HPSBST02372 SSRT080133 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-052 to MS08-055
Next by Date: C4 Security Advisory - ABB PCU400 4.4-4.6 Remote Buffer Overflow
Previous by thread: php create_function commond injection vulnerability
Next by thread: Re: php create_function commond injection vulnerability
Index(es):
- Date
- Thread