[pLog-svn] php security scanner
Jon Daley
plogworld at jon.limedaley.com
Tue Jul 4 19:39:06 GMT 2006
On Tue, 4 Jul 2006, Ammar Ibrahim wrote:
> PHP Security Scanner. http://securityscanner.lostfiles.de/
Interesting.
I am now running it, and will see if there is anything obvious that it
reports.
1. xmlrpc.php has an fopen call on line 783 that allows a "..". I am not
sure what the xmlrpc stuff needs to be able to do, so I am not comfortable
modifying that regexp without further guidance. I am not sure where the
arguments are coming from when passed to metaWeblogNewMediaObject().
The client is giving us a filename to open? That sounds bad, although I
guess the temp_dir is specified in the config file; probably .htaccess
could be specified in addition to filenames with ".." in them?
Still going, but I wanted to see if any of the rest of you were looking
into it, so we don't duplicate work.
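As an added example (not pLog's code and not part of the thread above), this is what a hardened path check for a client-supplied media file name looks like in PHP next to the naive concatenation the message worries about. The function names, the demo directory and the sample file names are hypothetical; the only thing taken from the message is that the upload lands under a configured temp_dir. The check discards any directory part of the name (which removes ".."), refuses dot-files such as .htaccess and server-executable extensions, and confirms with realpath that the final path still lies inside temp_dir.

```php
<?php
// Added example, not pLog code. Function names are hypothetical.

// Naive form: the client-supplied name is appended as-is, so a name such as
// "../../config.php" or ".htaccess" escapes temp_dir or changes server behaviour.
function vulnerable_media_path(string $temp_dir, string $client_name): string
{
    return rtrim($temp_dir, '/') . '/' . $client_name;
}

// Hardened form: returns a path inside $temp_dir, or null if the name is rejected.
function safe_media_path(string $temp_dir, string $client_name): ?string
{
    // 1. Keep only the final path component. This drops every directory part,
    //    including "..", "/" and "\" separators (Windows clients may send "\").
    $name = basename(str_replace('\\', '/', $client_name));

    // 2. Allow-list the characters we accept and refuse dot-files such as
    //    .htaccess, which would alter Apache's behaviour in a web-served directory.
    if ($name === '' || $name[0] === '.' || !preg_match('/^[A-Za-z0-9._-]{1,128}$/', $name)) {
        return null;
    }

    // 3. Refuse extensions the web server might execute if the upload directory
    //    is reachable over HTTP.
    if (preg_match('/\.(php|phtml|php[0-9]|phar|cgi|pl|sh)$/i', $name)) {
        return null;
    }

    // 4. Resolve temp_dir and confirm the candidate path is still inside it.
    //    The file may not exist yet, so only its parent directory is resolved.
    $base = realpath($temp_dir);
    if ($base === false || !is_dir($base)) {
        return null;
    }
    $candidate = $base . DIRECTORY_SEPARATOR . $name;
    $parent = realpath(dirname($candidate));
    if ($parent === false || $parent !== $base) {
        return null;
    }
    return $candidate;
}

// Constructed demonstration inputs (not real client traffic).
$tmp = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'plog_media_demo';
@mkdir($tmp, 0700);
$names = ['photo.jpg', '../../config.php', '.htaccess', 'shell.php', 'a/../../b.png'];
foreach ($names as $n) {
    printf("%-18s naive: %-50s hardened: %s\n",
        $n,
        vulnerable_media_path($tmp, $n),
        safe_media_path($tmp, $n) ?? 'REJECTED');
}
```

Run it with `php example.php`; the naive column shows the traversal and dot-file names passing through untouched, while the hardened column keeps only "photo.jpg" and "b.png" (the latter because everything before the final component was discarded rather than interpreted). Whether the regexp in xmlrpc.php needs to accept anything beyond a bare basename is the question the message leaves open; the check above is the strict end of that range.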